NATIONAL SECURITY AGENCY 
CENTRAL SECURITY SERVICE 

FORT GEORGE G MEADE, MARYLAND 20755-6000 



FOIA Cases: 
1 July 2019 


79204X,79825A 
and 85643B 


JASON LEOPOLD 
C/0 JOSEPH C. KELLY 
1712 EYE STREET, NW SUITE 915 
WASHINGTON DC 20006 

Dear Mr. Leopold: 

This letter is in response to your Freedom of Information Act (FOIA) request 
dated 20 September 2014 for “disclosure from the National Security Agency Office of 
Inspector General a copy of the concluding document (report of investigation, final 
report, closing memo, referral letter) concerning investigations closed in calendar year 
2013 and 2014 concerning misconduct, actual or alleged.” You advised on 26 
September 2014 that you wished to amend your request to “a copy of the concluding 
document (report of investigation, final report, closing memo, referral letter) 
concerning investigations closed in calendar year 2013 and 2014 concerning ONLY 
findings of misconduct.” As stated in our initial letter, dated 23 September 2014, 
your request was assigned Case Number 79204. 

Please note that this letter also provides interim responses to the following 2 
additional and related Freedom of Information Act (FOIA) requests that are covered by 
the same civil complaint (l:16-cv-02258): 

FOIA request dated 30 November 2014 for “...disclosure from the National 
Security Agency Office of the Inspector General of copies of Semi-Annual 
Reports for the past 11 years.” As stated in our initial response letter to 
this request, dated 2 December 2014, this request was assigned Case 
Number 79825. 

FOIA request dated 6 October 2016 for “...disclosure from the National 
Security Agency Office of Inspector General a copy of the concluding 
document (report of investigation, final report, closing memo, referral letter) 
concerning all investigations conducted and closed in calendar years 2015 
and 2016 thus far concerning any and all misconduct, actual or alleged.” As 
stated in our initial letter, dated 13 October 2016, this request was assigned 
Case Number 85643. 

Your requests are being processed under the FOIA. We processed 22 
documents totaling 406 pages for this release and 402 pages are enclosed. 
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and 85643B 

We processed 5 documents totaling 176 pages for this release from case 79204. 
Three documents (172 pages) are enclosed. The remaining two documents (4 pages) 
were determined to be non-responsive to your request: 

• Doc ID 6672215, pages NSA 08546 - 08586 

• Doc ID 6672216, pages NSA 08587 - 08597 

• Doc ID 6672264, pages NSA 08598 - 08717 

We processed 16 documents totaling 221 pages for this release from case 
79825 and they are enclosed. 

• Doc ID 6672178, pages NSA 08727 - 08735 

• Doc ID 6672179, pages NSA 08736 - 08746 

• Doc ID 6672180, pages NSA 08747 - 08757 

• Doc ID 6672181, pages NSA 08758 - 08772 

• Doc ID 6672182, pages NSA 08773 - 08783 

• Doc ID 6672185, pages NSA 08784 - 08796 

• Doc ID 6672186, pages NSA 08797 - 08807 

• Doc ID 6672187, pages NSA 08808 - 08817 

• Doc ID 6672188, pages NSA 08818 - 08822 

• Doc ID 6672189, pages NSA 08823 - 08830 

• Doc ID 6672227, pages NSA 08831 - 08862 

• Doc ID 6672265, pages NSA 08863 - 08892 

• Doc ID 6672229, pages NSA 08893 - 08902 

• Doc ID 6672230, pages NSA 08903 - 08909 

• Doc ID 6672231, pages NSA 08910 - 08919 

• Doc ID 6672232, pages NSA 08920 - 08947 

We processed 1 document totaling 9 pages for this release from case 85643 and 
it is enclosed. 

• Doc ID 6672217, pages NSA 08718-08726 

Certain information has been deleted from the enclosures, as explained below. 

Some of the information deleted from the documents was found to be currently 
and properly classified in accordance with Executive Order 13526. This information 
meets the criteria for classification as set forth in subparagraph (c) of Section 1.4 and 
remains classified TOP SECRET and SECRET and CONFIDENTIAL as provided in 
Section 1.2 of the Executive Order. The information is classified because its 
disclosure could reasonably be expected to cause damage to the national security, to 
include exceptionally grave or serious damage. Because the information is currently 
and properly classified, it is exempt from disclosure pursuant to the first exemption of 
the FOIA, 5 U.S.C. Section 552(b)(1). 

This Agency is authorized by various statutes to protect certain information 
concerning its activities as well as names of its employees. Accordingly, those 
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portions are exempt from disclosure pursuant to the third exemption of the FOIA, 
which provides for the withholding of information specifically protected from 
disclosure by statute. The specific statutes applicable in this case are Title 50 U.S. 
Code 3024(i) and Section 6, Public Law 86-36 (50 U.S. Code 3605). We have 
determined that such information exists in these documents and we have redacted it 
accordingly. 

Some of the information has been redacted from the enclosures pursuant to 
the fifth exemption of the FOIA. This exemption applies to inter-agency or intra¬ 
agency memoranda or letters that would not be available by law to a party other than 
an agency in litigation with the agency, protecting information that is normally 
privileged in the civil discovery context, such as information that is part of a 
predecisional deliberative process. 

Personal information regarding individuals has been deleted from the 
enclosures in accordance v^dth the sixth exemption of the FOIA, 5 U.S.C. 552 (b)(6). 
This exemption protects from disclosure information that would constitute a clearly 
unwarranted invasion of personal privacy. In balancing the public interest for the 
information you request against the privacy interests involved, we have determined 
that the privacy interests sufficiently satisfy the requirements for the application of 
the (b)(6) exemption. 

The seventh exemption of the FOIA protects from disclosure records or 
information compiled for law enforcement purposes. This includes information that, if 
released, could interfere with enforcement proceedings, could cause an unwarranted 
invasion of personal privacy, or would reveal law enforcement techniques procedures. 
The information withheld under (b)(7)(E) from the enclosures, meets the threshold 
requirements for withholding under exemption 7 of the FOIA. 

Finally, some information has been redacted pursuant to the IG Act of 1978, 

Sec 7(b), P.L. 95-452, which protects the confidentiality of employee complaints to the 
IG. 

Please be advised that we continue to work on your requests, and the review of 
additional documents responsive to your requests continues. 


Sincerely, 

^ - 

JOHN R. CHAPMAN 
Chief, FOIA/PA Office 
NS A Initial Denial Authority 


Ends: 

a/s 
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(b)(3)-P.L. 86-36 


V 


(U) SEMIANNUAL REPORT TO THE CONGRESS 

•! • For the Period Apnl V„2Q04 Through September 30, 2004 


• • 

• ♦ 


(U) Selected System Engineering Cbntraetsr NS A/CSS IG; ST-04-0009; 

21 May 2004; ; 

Surnmary. (U //FOUQ ^ Our review summarized the results of our analyses of two 
system engmeeri rfg contracts identified-in a yecent reUQrt as warranting further rev iew. 

Thecontractslwitlj .. ’• •' , 

I ; [had mdfcaijons of questionable cost growth, continuing lack of 

competition, and failure to perform market research ^ The ourrent review found that the 

(contract needs formal task-orders, and the ! I contract missed opportunities for 
competition. We also noted an emer^ng’.issue: mergers and acquisitions within its 
contractor base make the Agency vul rierable to potential conflicts, of interest among its 
vendors. The Contracting Officer and | ‘ | now have a formal mitigation plan to resolve this 


concern. 


Management Action. (U) Manage ment concu rred with our re& omme ndation and is 
adding the proper task order clauses to the] (contract. For the I b ontract, the 

OIG did not make a recommendation since the contract ended in June 2004 and the benefit 
would be minimal. 


Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Other (Acquisition Management) 


(U) Restaurant and Civilian Welfare Funds; NSA/CSS IG; AU-04-0014; 28 May 2004 

Summary. (U Z/FOU - O ^ NSA’s Restaurant Fund and Civilian Welfare Fund CWF) 
are DoD revenue producing nonappropriated fund instrumentalites (NAFIs) that operate 
under Army and NSA/CSS regulations for morale and welfare purposes. The financial 
statements of the two NAFIs were audited by an outside audit firm, which issued 
unqualified opinions. The external audit for FY 2003 found that drug store management 
and accountability improved significantly after implementation of recommendations made 
in our oversight review of the FY 2002 audit. The compliance audit of the Flying Activity 
(conducted at our recommendation in last year’s oversight audit of the CWF) identified four 
safety areas that need improvement: standard operating procedures, pilot qualification 
cards, clearing authority, and refueling away from the Flying Activity. 

Management Action. (U) We endorsed the improvements recommended by the 
safety inspectors; management is acting on all of them. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 

Category. (U) Financial Management 

DERIVED FROM: NSA/CSSM 123-2 
DATED: 24 February 1998 
DECLASSIFY ONr*|- 
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(b) (1) 

(b)(3)-P.L. 86-36 


[ 


(u //rouo) 


I 


■ •••. » ^ 

NSA/CSS IQ; ] ‘ | .* 


Summary.-^The OIG visited all 
locations in S^tember 2003 and found that 


resnonsibilitv- 


~|has been very effe ctive in its primary 
. • * I Nevertheless, the 


|dilute effectiveness and create oversight and 
morale problems, especially among the milita.ry. Insufficient oversight, guidance, and . 
support from NSA HQ contributed to many of the deficiencies noted during our inspection. 

Management Action. (U) Management is taking corrective action on all 
recommendations. 

Overall Report Classification. (U) TOP SECRET//COMINT/X 1 

Category. (U) Joint Warfighting and Readiness 

(U) Contract Accountability investigation; NSA/CSS IG; IV-04-0001; 06 July 2004 

Summary. (U //FOUO) This investigation was a follow-on re\iew'to a FY 2003 
Special Study that found significant irregularities with the Agency’s novation and 
administration of a Systems Engineering and Technical Assistance (SETA) contract. The 
supplemental investigation determined: 1 ) that the Government’s involvement in the 
novation of the SETA contract was consistent with the Federal Acquisition Regulation, 

2 ) that the Government’s past performance assessment was skewed by a mistaken 
understanding of fact, however, correction of this error would not have altered the 
Government’s ultimate conclusion regarding one contractor’s suitability for the novation, 
and 3 ) that the Contracting Officer and the former Chief of NSA/CSS SIGINT Programs 
were responsible for the contracting deficiencies with the SETA contract. 

Overall Report Classification. (U) CONFIDENTIAL//X 1 

Category. (U) Other (Acquisition Management) 

(U) Office of NSA/CSS Representative, Joint Forces Command; NS/VCSS IG; 
IN-04-0004; 30 July 2004 

Summary. (U/‘ 7 ‘FOUO)Our inspection found that the NSA/CSS Representative, 
Joint Forces Command (NCR JFCOM) is not closely aligned with the new Command’s 
mission, which is focused on joint concept development and experimentation and has no 
geographic area of responsibility. Effective representation at JFCOM is important because 
the Command is the birthplace of short- and long-term changes to the nation’s military and 
its warfighting doctrine. We found the NCR not well positioned to do this because it lacks 
strategic guidance from HQ and is not accredited to the Command level. Vestiges of a 
SIGINT support mission waste Agency resources, despite several proposals from the NCR 
to reduce staff. The Information Assurance Directorate (LAD), on the other hand, is 
managing a growing portfolio of initiatives with JFCOM. 


SECRETUXl 
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Management Action. (U) Management concurred with all but one 
recommendation and has either developed plans to resolve them or already implemented 
appropriate actions. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Joint Warfighting and Readiness 


(U //FOUO ) Compliance with the Federal Information Security Management Act 
(FISMA) at NSA/CSS; NSA/CSS IG; AU-04-0013: 6 August 2004 

Summary.-(€3 The audit assessed the progress by the NSA/CSS Chief Information 
Officer in specific aspects of Information Assurance since last year’s report on compliance 
with FISMA. Our audit found that NSA continues to make positive strides in improving the 
security posture of its networks and systems. The Defense-in-Depth approach—focused on 
peopl e, operations, and technology—is starting to come together, but much remains to be 
done. I 


Management Action, (U //F0U03 Since last year’s report, NSA management 
reduced the number of systems operating without C&A, established Plans of Action and 
Milestones to monitor the progress of efforts to correct security weaknesses, improved 
information technology (IT) security training, and established an Agency-wide Operations 
Security program. Furthermore, management took the first step to establish a verifiable IT 
system inventory and improve the IT investment management process. 


Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Information Technology Management 


(b) (1) 
(b) (3) 


■P.L. 86-36 


(U //rQh l 0 )-Collecting Communications of a U.S. Person Abroad Without Attorney 
General Authorization; NSA/CSS IG; ST-04-0016; 10 Aygust2b64 

Summary.-f€) i [ the Signals Intelligence Directorate 

(SID) targeted the communications of a U.S. person located abroad without the required 
Attorney General authorization. While conducting our inquiry- into this mishap, we 
encountered strong mdications of shortcomings in the control environment that allowed 
this incident to occur I After interviewing officials 

from SID’s Analysis and Production Directorate, the SID Office of Oversight and 
Compliance, and the NSA Office of General Counsel, we identified systemic problems that 
point to the lack of key elements that are critical to creating a strong control emnronment 
for this high-risk activity, including written guidance containing clearly defined roles and 
responsibilities for all involved in the process, defined policies and procedures, and tailored 
training in the process for those who handle special authorizations. 


Management Action. (U) SID concurred with most of our recommendation and is 
taking appropriate corrective action. 


(b) (3)-P.L. 86-36 
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(b) (3) 


Overall Report Classification. (U) SECRET//COMINT//X1 • ’ 

• 

• 

gg_ 3 g Category. (U) Other (Intelligence Oversight) .. ♦ ’ 

. • * * 

• • • . . 

(b) (1) 

(b)(3)-P.L. 86-36 

t 

1 

% 

■ 

(U//F 0 U 01 - ‘ 

□ 

NSA/CSS 

IG: INSCOM IG: AIA IG; NSG IG:1 . • I 


• 

• 

• 

• 

Summary.-(0 A joint inspection of 

• 

• 

■ 

1 py a team from the Service Cryptologic Elements and 

NS A /( :.SS found problems that have a direct impact on the site s effectiveness. The most 


significant issues for iriWk^ement to address include:[ 


Management Action. (U) Management is taking appropriate corrective action. 

Overall Report Classification. (U) SECRET//COMINT//RELTO USA, AUS, CAN, 
GBR, and NZL//X1 . ; . 

Category. (U) Joint Warfighting and Readiness 

(U) GROUNDBREAKER Contract Costs ; NSA/CSS IG; ST- 04 - 0021 ; 

13 September 2004 

Summary. (U // ' FQUQ)T n September 2001, the GROUNDBREAKER (GB) Program 
Office awarded Eagle Alliance (EA) an $11.2 million Delivery Order to implement the 
special modernization provision in clause H.46 of the basic contract. Initially, EA proposed 
immediate replacement of 17,000 desktops within 1 year. Our review of a previous audit’s 
recommendation found that by December 2002, almost 15 months after contract award, 
only 7,000 desktops had been purchased, far short of the 17,000 described in EA's 
modernization proposal. Deficiencies in the contract terms of the Delivery Order made it 
impossible to determine how the $11.2 million was spent or to track any equipment 
purchased with the money. 

Management Action. (U) After reviewing the contractor's records, we 
recommended closing the recommendation in the audit follovsoip system; however, we are 
considering additional oversight of the GB contract in FY2005. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 

Category. (U) Other (Acquisition Managernent) 


Disbursing Account at 


NSA/CSS IG; 


1_ 

_J 



_Summarv.-ffi^Accounting and Financial Services (DF2)'maintains a cash account at 

to pay for certain goods and services; 
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(b) (1) 

(b) (3)-F.L. 86-36 


_At the request 

of the Chief, Accounting and Financial Services, the OIG audited the account to resolve an 
apparent $5900 discrepancy and assess the implementation of prior OIG recommendations 
to improve cash management at the site. We found a cash shortage of about $2100, due in 
large measure to the site’s failure to implement prior OIG recommendations. We also found 
that the site was holding excess amounts of cash—in some cases more than the disbursing 
agent is authorized to hold—which creates unnecessary risk and makes it harder to balance 
the account. The site byp assed controls to m ake $3100 in questionable payments, 
apparently authorized byj j^nd not subsequently challenged by DF2. 


Management Action. (U) Management agreed to report the cash shortage to the 

Defense Finance and Accounting Service to determine pecuniary liability. Management is 

also in the process of reducing the excess cash dt the site. Finally, controls have been 

implemented to avoid making questionable payments. 

♦ 

Overall Report Classification. (U) CONFIDENTIAL 

♦ 

Category. (U) Financial Management *. 


(U) Special Processing Laboratory; NSA/CSS IG; AU-b4-0006; 13 September 2004 

Summary. (U/ /FOU 0 ) The Special Processing Laboratory (SPL) has produced 
classified microelectronic chips for NSA and other governmenLorganizations since 1991. 
However, when rapid advances in the industry left the SPL lagging from a technological 
standpoint, the Director, NSA decided to close the SPL by FY2006.and replace the 
capability with a commercial source—a Trusted Foundry Access (TFA). Our audit 
determined that the Agency needs a formal plan to transition a critical DoD program to the 
TFA, Another concern was payment of a 50-percent salary-based retention bonus for all 
SPL personnel, including those no t affected bv th e closure. We also found that the DoD 
organiz ations that sent NSA about! ho ft md their portion of tire FY2004 TFA 

contract^ ^lo‘utilize the contract . : 

' ■ . ■ --1....(b)(3)-P.L. 86-36 

Management Action. (U //FQUO) The J^isnpy^ de.v€}ophIgVtT 4 nsition plan. 

We accepted lAD’ s proposal tq ?JccludeQj6PL fempI oVees from the retentio n plan for a cost 
avoidance of about] f Regarding the lack of] fNSA and DoD 

have now formed an Integrated Process Team to work this problem. 


Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Information Technology Management 


(U //rQUO) Managerhent of Activities Under the Foreign Intelligence Surveillance 
Act (FISA) of 1978; NSA/CSS IG; ST-03-0008: 27 September 2004 

Summary. -fe^Our review of NSA’s management of electronic surveillance activities 
conducted under the FISA of 1978 found that those activities generally ensure that the 
rights of U.S. persons are protected. However, the Agency’s internal management controls 
for those activities make the process confusing and unduly dependent on the unwritten 
knowledge of a few people. Management needs to improve controls over the FISA process 
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to include (i) written guidance that spells out authorities, roles, and responsibilities; (2) 
standard operating procedures with step-by-step instructions; (3) tailored training on FISA 
operations; and (4) metrics to gauge the efficacy of the process. 


Management Action. (U //FQUO) Management has agreed to define the pertinent 
authorities and responsibilities by October 2004. The other control elements—formal 
procedures, tailored training, and metrics—will be in place by December 2005. 


Overall Report Classification. (U) TOP SECRET//COMINT//NOFORN//X1 


Category., (U) Other (Intelligence Oversight) 


(b) (1) 

(b)(3)-P.L. 86-36 


(U) Menwith Hill Station; NSA/CSS IG; INSCOM IG; AIA IG; NSG IG; JT-04-0003: 
30 September 2004 


Sum.mary.-f0)- Since the 2002 joint inspection of Menwith Hill Station (MHS), site 
leadership and NSA HQ have made great strides in correcting longstanding infrastructure 
problems, improving the quality of life for all assignees, and transitioning cryptologic host ! 
responsibilities to the Air Force. The joint inspection team found that MHS has 
demonstrated exceptional mission successes, but the explosion in target technology exceeds 
the site’s capacity to process and store data, while sustained tasking leaves few - if any- 
resources for new mission development. The joint team noted other areas that require close 
and continued attentio n from MHS and NSA HQ : 1) jointly integrating and synchronizing 
operations and support f 

and; 2) directing the revitalization of major interdependent systems. 


Management Action. (U) Management is taking appropriate corrective action. 

Overall Report Classification. (U) TOP SECRET//COMINT//TK//RELTO USA 
and GBR//X1 

Category. (U) Joint Warfighting and Readiness 




I 


NSA/CSS IG, INSCOM IG. DAIgJ 


■ • Summary .-fS^A team from the Army Intelligence and Secufity Command 

(iHSCOM), NSA , and Department of the Army Inspectors General (DAIG) conducted an 
inspection of the| ♦ • ~ 


L 


Management Actton. (U) Management is taking appropriate corrective action. 


(b)(3)-P.L. 86-36 
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Overall Report Classification. (U) SECRET//COMINT//X1 
Category. (U) Joint Warfighting and Readiness 

(U) Corporate Level Functions;NSA/CSS IG;(Numerous Special Study Control 
Numbers); 30 September 2004 

Introduction. (U) During the October 2000 Senior Day briefing and in subsequent 
DIRgrams, the Director, NSA (DIRNSA) called for the centralization of mission-enabling 
functions. His goals were to dedicate SID and lAD resources to mission accomplishment 
and to eliminate duplication of effort throughout the enterprise. In April 2003", DIRNSA 
asked the OIG to determine how well the Agency has met his charge to consolidate 
corporate-level functions under centralized corporate sponsors. Over the past year, the OIG 
completed reviews of the following functions: 

Human Resource Services 
Protocol 

Legislative Affairs 
Acquisition and Finance 

Information Technology Infrastructure Services 

Installations and Logistics 

Security 

Policy 

Education and Training 

Summary. (U) During our reviews, we found differing degrees of centralization. 

We made recommendations to management and management is taking appropriate action. 

Overall Report Classifications. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
and CONFIDENTIAL//X1 

Category. (U) Human Capital (for all Corporate-Level Function Reports) 

(U) False Claims; NSA/CSS IG, IV-04-0010, May 2004 

Summary. (U) An Agency employee deliberately submitted a fraudulent timesheet 
reflecting duty time, as well as a fraudulent travel voucher requesting reimbursement for 
travel expenses that were not incurred in connection with the employee’s official duties. 
Disciplinary action is pending, and the case was referred to the Department of Justice for 
possible prosecution under federal false claims statutes, 18 U.S.C. § 287 and 18 U.S.C. § 
1001. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICII USE ONLY 
Category. (U) Other (Fraud) 
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(U) Time and Attendance Abuses; IV-04-0035 (10 May 04), IV-04-0038 
(9 September 04), IV-04-0041 (27 September 04), IV-04-0048 (8 September 04), 
IV-04-0050 (17 September 04), lV-04-0055 (24 September 04), lV-04-0062 
(30 September 04) 

Summary. (U //FOUO) The OIG substantiated seven Time and Attendance Abuse 
allegations, wherein employees claimed hours in excess of those they were determined to 
have actually worked. In the aggregate, these cases will result in the recoupment of almost 
$30,000 in funds paid to employees for hours falsely claimed. Several of these cases were 
referred to the U.S. Department of Justice for possible prosecution of violations of 
18 U.S.C. § 287 and 18 U.S.C. § looi. , 

Overall Report Classifications. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY (all 

referenced investigations) 

Category. (U) Other (Fraud) 

(U) Misuse of Resources; NSA/CSS IG, IV-04-0020, June 2004 

Summary. (U //FOU 0 ) ' T he OIG substantiated an allegation that a planned TDY for 
training was a waste of government resources. The OIG determined that .identical training 
could be obtained locally at a greatly reduced rate. Based upon the OIG’s recommendation. 
Agency management cancelled the planned training, saving the Government over $37,000. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 

Category. (U) Other (Misuse of Resources) 
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(U) SEMIANNUAL REPORT TO THE CONGRESS 


(U) For the Period October 1, 2005 Through March 31, 2006 


(b) (3)-P.L. 86-36 


(U) Controls on Laptop Computers; NSA/CSS IG; ST-05-0015J ^S.pcrfpber 2005 . 

(U/ 7 fOUO) Summary. After conducting many. inveigWgations of fnissing laptop* 
computers, the Compromise and Computer Forefisies Offide’asked th^'NSX OIG to review 
the Agency’s inventory processes and-deternune whether the Ageocy'has. adequate controls 
to track and account for laptop bomp uters*. .Over the past 3 years, 4 :he Compromise and 
Computer Foren§ics Office conducted ) [ investigations of missing laptops but was unable 
to locate I 10 f classified, [ [of unknown classification, atid| [unclassified) of the ) [ '■ 

laptops. Such losses, while mancially immaterial, raise* counterintelligence concerns. 

• • - 

(U //rOUO) Management Action. To address the root cau^ of the losses—the lack 
of hand receipts for laptops—the Security, Logistics, and OIG organizations Me 
strengthening the enforcement of laptop controls, including penalties for pensonnel who do 
not comply with the hand receipt requirement and managers who fail to enforce it. The; 
three organizations vdll meet every 9p*days to discuss the enfo'rcement of theihand receipt 

policy and ways to hold managers adcountable .* •; 

^ 

(U) Overall Report Classification. CONFIDENTIM. 

(U) Category. Information Technology Management •; 


(Uf 


NSA/CSS IG 


fU //r0U01 S ummary. 


(U) Management Action. Management agreed to act on all our recommendations. 
However, Signals Intelligence Directorate and Information Technology Directorate are still 
working out the appropriate division of effort and responsibilities for managing and 
optimizing data flow. ; 


Derived From: NSA/CSSM 1-52 
Dated:20041123 i 

Declassify On: COCO II DO ^ 
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(U) Overall Report Classification. SECRET//COMINT//REL TO USA, AUS, CAN, 
GBR, NZL 

(U) Category. Joint Warfighting and Readiness 

(U) Misuse of Government Resources; NSA/CSS IG; IV-05-0027; 17 November 2005 

(UZ/TGUO) Summary. The OIG's Offices of Intelligence Oversight and 
Investigations conducted a joint inquiry into an allegation that an NSA/CSS employee 
violated applicable law and regulation by using Government property for unauthorized and 
unofficial purposes. We substantiated the misuse allegation and referred the matter to the 
NSA/CSS Office of the General Counsel, for consideration of referral to the DOJ. 

(U) Overall Report Classification. TOP SECRET//COMINT 

(U) Category. Other (Intelligence Oversight) 


(U) Contractor Performance Management and Evaluation of the 
GROUNDBREAKER Contract; NSA/CSS IG; AU-05-0002; 16 December 2005 

(U//rOUO) Summary. This audit focused on improving the use of rewards and 
penalties to motivate the contractor to optimize performance. Our audit found that, 
although the modernization goal of May 2004 had slipped by 17 months, the contractor 
received $10.7 million out of a possible $20.9 million in award fees for modernization. In 
this case, award fees were not used in a way that motivated the contractor to meet a crucial 
performance goal. Additionally, millions of dollars in service credits (penalties for failure to 
deliver agreed-to services) that should have been credited to the Agency were not recorded 
as accounts receivable and reported on financial statements. This ultimately cost the 
Government $300,000 in finance or interest charges from July 2002 to March 2005. 

(U) Management Action. After initially nonconcurring with our recommendation 
to improve modernization incentives, management revised its position and is developing 
new, more objective incentive criteria. Corrective actions are now under way or completed 
on all six recommendations. 


(U) Advisoi 


(U) Overall Report Classification. CONFIDENTIAL 

(U) Category. Acquisition Processes and Contract Management.^ ..,1™ 

. 

isory Report-on-the‘Audit* of the l . . • • * I 

Procurement and A ssociated Infrastructure P’rogram; NSA/CSS IG; 


(b) (3)-P.L. 86-36 


lAssociated 

■T-- 


(U//rOUOi Sumhiary. The adviso ry.rebort identified potential issues that suifetcb d 
during the suiVey phase of our audit of tHe| | 

I [Procurement and Associated Infirastructure Program. We curtailed our survey^atter 

___1_ 3 _?_** J*^ 1 ‘ Tn 1 O_ • 1*1 • T T 


reviewing a zero-based reyieW of Cryptanalysis Exploitation Services, which included _ 

Our survey s upport ed-the conclusions of the zero-based review: lack of sustained funding 
threatens the | | infrastructure; the physical facilities are inadequate; acquisition 
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(b)(3)-P.L. 86-36 

practices are inconsistent; and there is.insufficient mission assurance for ] | In addition, 
our survey indicated that tilje Portfolio Mariagempnt Office lacked sufficient authority over 
program execution and resotjrces. 

• ’ * " ’ ' -L 

(U) Management Acti6n. Since the recommendations for i K n the zero-based 
review are related to the indications noted during our audit survey, we will track completion 
in the OIG Followup System. 

(U) Over all Rebort C lassification. TOP SECRET//COMINT//REL TO USA, AUS, 

CAN, GBR, NZLy l T ~~1 

• ♦ 

(U) Category-. Acquisition Processe§ and Contract Management 


(U) Nuclear Commaind and Control (NC2) ^pgram; NSA/CSS IG; AU-04-010B: 
23 January 2006 

-fG-l Summary. Our audit revealed t hat the ] I 

board and management of the Nuclear 

Command and Control Program (NC2] 


(U) Management Action. Management agreed to act on all reco mmendations. _ 

(U) Overall Report Classification. TOP SECRET//NOFORN .50 use 3024 u) 

(U) Category. Joint Warfighting and Readiness [ (b) o) p.l. 86 36 - 


(U) Aerospace Data Facility: NSA/CSS IG; INSCOM IG; NSG IG; AIA IG; JT-06-0001; 
23 January 2006 

_ -(S^-Summary. The joint inspection found that the Aerospace Data Facility has 


J 2)NSAHQ : 

organizations have not provided policy, standards, or oversight of various efforts across the 
Extended Enterprise; and 3) the lack of a mission management tool.hinders the site’s ability • 
to optimize its role in consolidated mission planning and execution. \ 


(b) (1) 

(b) (3)-P.L. 86-36 


■9 ECREW20291123 
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(U) Management Action. Management concurred with the recommendations and 
is taking appropriate corrective action. 

(U) Overall Report Classification. TOP SECRET//COMINT/TALENT 
KEYHOLE//REL TO USA, AUS, GBR 

(U) Category. Joint Warfighting and Readiness 


(U/YfOUO) Red Team Targeting of the 

NSA/CSS IG:| 


(b)(3)-P.L. 86-36 


(U //rOUO) Summary. The National Defense Authorization Act of Fiscal Year 2000 ‘ 
directs the National Counterintelligence Executive (NCIX) to submit an annual report to i. 

the Secretary of Energy and the Director of the Federal Bureau of Investigati on on the _J' 

security vulnerabilities of the computers of the DOS's national laboratories. | I • 


(U //rQUQ) -Management Action. NSA man agement has amended the Red Team ' 
jrocess and procedures to require, for each exercise, 


(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category. Joint Warfighting and Readiness 

(U) Post-Accreditation Process for Information Technology Systems; NSA/CSS IG; 
ST-05-0018; 16 February 2006 

(U //rOUO) Summary. Our special study of the post-accreditation process for 
information technology syste ms samnledl bvstems that recently went thro ugh the 
accreditation process and werel * * ♦ |of the systems 

were not operational and, | * ♦. ■ 


(b)(3)-P.L. 86-36 
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(U) Management Action. The Information Assurance Directorate responded that it 
is working on a post-accreditation process that satisfies the recommendations of the OIG 
report. ; 

(U) Overall Report Classification. TOP SECRET//NOFORN |[bM3j-p.L 86-36 


(U) Category. Infomjation Technology Management 



(U) Management Action. The report makes ten recommendations to improve the 
effectiveness and efficiency of SIGINT operations. Most of these recommendations focus 
on the need to bring greater definition to the authorities, responsibilities and functions with 
respect to the operational roles of the SIGINT sites. Management concurred in all 
recommendations and corrective action is being taken. 

(U) Overall Report Classification. SECRET//COMINT//RELTO USA, AUS, CAN, 
GBR, NZL 

(U) Category. Joint Warfighting and Readiness 

(U) "Persistent Cookies” on the NSA Public Website; NSA/CSS IG; ST-06-0015: 

21 March 2006 

(UTVrOUO) Summary. The OIG conducted an inquiry into the circumstances and 
implications of the Agency’s usage of "persistent cookies” on its public website, NSA.gov. 
We concluded that, during a past system upgrade, a number of cookie properties were 
unintentionally reset, extending their expiration beyond the intended settings. As a result, 
the website was inadvertently using "persistent cookies” instead of the usual "session 
cookies.” Once aware of the situation, the Agency immediately disabled the "persistent 
cookies” and restored the intended session length settings. Based upon our interviews, 
contacts, and reviews of databases and technical literature, we concluded the Agency's 
inadvertent "persistent cookies” did not collect user information or any personally 
identifiable information on visitors to the NSA.gov website. 
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(U//FOUO) Management Action. Corporate Communications Strategy Group 
personnel have begun documenting the programming code with comments where system 
changes could inadvertently enable different types of cookies. The Group intends to have 
comprehensive procedures written and implemented by July 2006, and has suspended any 
system upgrades until then. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other 

(U/yfOUO) Special Study of Executive Level Management of Systems 
Development at NSA/CSS; NSA/CSS IG; ST-05-0004; 22 March 2006 

(U//rOUO)Summary. At the corporate level, NSA/CSS needs a formal, stable, 
unified methodology to enable its leadership team to wield effective oversight of key 
development programs. This is even more necessary as the Agency accelerates 
transformation efforts. The existing disparate approaches to program oversight in several 
Agency organizations should be unified into an overarching methodology under the 
leadership of one organization or individual. An OIG benchmarking study of two 
information-intensive organizations in the private sector and one major DoD development 
program supported the conclusion that until NSA/CSS adopts such a methodology, its 
leaders will not have the requisite degree of insight into all aspects of key enterprise 
initiatives. By the end of the study, it was clear that the Agency needs such a methodology 
to lead the work force successfully through the pervasive changes underway in its mission 
and core business. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Joint Warfighting and Readiness 

(U //FOUO) Interim Report on the Audit of NSA’s Computer Security Incident 
Response; NSA/CSS IG; AU-05-011 A; 24 March 2006 

-f9) Summary. During our audit of NSA’s Computer Security Incident Response, the 



(U) Management Action. The Information Technology Directorate responded that • 
it is working to secure current and ftiturej jivhich satisfies our 

recommendation. ' ^ * 
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(U) Overall Report Classification. TOP SECRET//NOFORN 
(U) Category. Information Technology Management 


(U //rOUQ) Misuse of the Agency’s Unclassified Network; NSA/CSS IG; 
ST-05-0019; 28 March 2006 


(UZ/rQUOtSummary. After expending considerable resources to address misuse of 
the Internet by Agency affiliates, the NSA/CSS Information Systems Incident Response 
Team (NISIRT) asked the OIG to review the adequacy of the Agency’s policies regarding 
usage of NSA’s unclassified network. We concluded that the Agency’s current policies, the 
Computer Security Incident Report process and a new “Smart Filter” which will deny user 
access to inappropriate web sites are adequate tools for dealing with misuse. However, we 
also found that many affiliates are not aware of current policies, and that managers are not 
informed of misuse by their subordinates. 


(U/ZFOUO) Management Action. Management agreed to implement annual 
training on Internet policies for affiliates, and NISIRT agreed to advise managers of policy 
violations so they can hold subordinates accountable. 

(U) Overall Report Classification. CONFIDENT 1 AL//REL TO USA, AUS, CAN, 
GBR, NZL 

(U) Category. Information Technology Management 


(b)(3)-P.L. 86-36 


(u //rouo r 




^DCfsey Road Warehouse; NSZVCSS IG; 


-fS) Summary. While investigating a procurement matter involving computer 
equipment shinned to the Dorsev Road Warehouse (DRWII 


study to determine whether DRWf 


We undertook a spec ial 


“(S)"Management Action. In response to our findings, the Associate Directorate foi;* 
Security and Counterintelligence and Ass ociate Directorate for Installations and Logistics ; 
developed short- a nd long-term strategies[ 


n^The 

^fdi 


These strategies addressed our concerns, and we will track. 


implementation thfoifgh-our follpwup system. We consider impleiiientatioma high priority 
that should be funded as such. . *. I" ■ ’.* 


(U) Overall Report Classification. SECRET 
(U) Category. (U) Infrastructure and Environment 


(b) (1) 

(b) (3) -P.L. 86-36] 
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(U) False Labor Charges by an Agency Contractor; NSA/CSS IG; IV-05-0031; 
December 2005 

(U//rOUO) Summary. During a routine Security background check, suspicions 
surfaced about the accuracy of labor charges by an NSA/CSS contractor employee. An OIG 
investigation substantiated that, during a 22-month period, the contractor employee falsely 
billed 751 labor hours to an Agency contract, amounting to approximately $35,000 in false 
charges. The matter was referred to the DOJ for a prosecutive opinion, and the NSA/CSS 
Office of the General Counsel is seeking restitution from the involved company. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Acquisition Processes and Contract Management 


(U) Time and Attendance Investigations; NSA/CSS IG; IV-05-0008 (10 Nov 2005); 
IV-05-0035 (4 Oct 2005); IV-06-0014 (10 Mar 2006); IV-06-0026 (24 Mar 2006); 

IV-06-0021 (30 Mar 2006) 

(U//rOUO)"Summary. The OIG substantiated five allegations of Time and 
Attendance abuse, wherein employees claimed hours in excess of those they were 
determined to have actually worked. In the aggregate, these cases will result in the recovery 
of approximately $44,000.00 in funds paid to employees for hours falsely claimed. 

(U) Overall Report Classifications. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(all referenced investigations) 

(U) Category. Other (Fraud) 


(U) Unauthorized Commitment of Government Funds and Intentional 
Falsifications; NS/VCSS IG; IV-05-0015; March 2006 


(UZ/rGUOt Summary. An NSA/CSS emp loyee made an unauthorized commitme nt 
of Government funds by accepting approximately | 

equipment without a contract. The employee and an Agency contractor then attempted 10 
conceal the unauthorized action by creating and back-dating a fictitious “Loan Agreement,” 
and by providing the OIG with false testimony. The employee and contractor violated • 
applicable Federal regulations and possibly Title 18, United States Code, Section 1001. • 


(U) 

(U) 


Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE OIJILY 


Category. Acquisition Processes and Contract Management 


(b) (3)-P.L. 86-36 
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(U) NSA/CSS OIG ACTIVITIES RELATED TO 
COUNTERTERRORISM 


(U) Completed from 1 October 2005 - 31 March 2006 


( U iy pOUQ) Advisory Report on Activities Associated with Expeditionary SiGINT 
Deployments to Hostile Areas; NSA/CSS IG; ST-06-0001; 23 January 2006 


(U7/FOUO) Summary. A February 2005 after-action report raised serious concerns 
about the activities and processes associated with the deployment of NSA/CSS personnel to 
hostile areas. The issues were referred to the OIG, which conducted extensive research to 
determine if a formal review was needed. Based on interviews of) [organizations involved 
in the deployment pro cess and l R eturnees from hazardous area deployments, such as 

| we concluded .that some aspects of the process, especially training by 
enabler organizations, have improved*considerably over the last 2 years. Processes to 
ensure appropriate and timely candidate “selection, pre-deployment mission training, IT 
support, and corporate resolutioi; of issues’raised in after-action reports need to be 
standardized and implemented across the Agency. 

(U) Management Action. Corrective measures addressing the issues are already 
underway; as such, we do not plan to underta*ke.a fortnal review at this time. However, the 
issues raised merit continued action and followup by Agepcy management. We plan to 
revisit these processes again in 1QFY07 to assess progf6s.s. *. 


(U) Overall Report Classification. SECRET//COMINT//REL TO USA, AUS, CAN, 
GBR,NZL *♦*.♦.*. 


(U) Category. Joint Warfighting and Readiness 


(b)(3)-P.L. 86-36 




(U) Ongoing .* ■ 

• ■ 

♦ > 

(U/'f^OUO)-lnspection of the Information Warfare Support Center; NSA/CSS IG; 
IN-06-0001 .* '. 

Background The Information Warfare Support Center (IWSC) began 
operations in November 1994 in response to the need for SIGINT support to Info rmation 
Operations (IQ). IWSC’s mission is to provide the combatant commapder(s) with) 


_ ^ ‘ 

related to counterterrorism. The pri mary obje ctives of this inspection include the 

following: a) determining whether th j fe s executing its current missions and functions 
in an efficient and effective manner and in accordance with its cha rterl ide ntifying any ♦* 
impediments to mission accomplishment; b) determining whether l I personnel comply 

|(b) (1) 

.L. 86-36 
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(b) (3)-P.L. 86-36 


with Internal Management Controls and other Agency regulations an d policie s governing 
personnel and organizational management; and c) assessing how well ! "S hares 
information with internal and external customers. 

(U) Inspection of SID’s Chemical, Biological, Radiological, Nuclear Mission; 

NSA/CSS IG; IN-06-0002 

■(9) Background. Chemical, Biological, Radiological, and Nuclear (CBRN) terrorism 
is one of the most menacing threats to U.S. security, and from a Signals Intelligence 
(SIGINT) perspective 

■ 

■ 

[T he inspection is evaluating CBRN mission performance. ♦ 
including examining the execution of CBRN as a transnatipnal target, assessing the impact* 
of Mission Build-Out, and reviewing any funding or human resource Issues. • i_ 

(b) (3)-50 use 3024 (i) 

(U) Special Studies of Presidentially-authorized Program; NSA/CSS IG |(b) (3 )-p.l. 86-36 

(U//rOUO) Background: The OIG is performing continual audits of NSA's 
Presidentially-authorized counterterrorism program. The overall objectives are to 
determine whether there are appropriate policies and procedures in place for activities 
under the program consistent with the terms of the Presidential Authorization; to evaluate 
their efficiency and effectiveness in mitigating any high-risk activities associated with the 
program; and to identify any impediments to satisfying the requirements of the Presidential 
Authorization. 


fUl Planned 

(U//FOUO) Inspection of the Geospatial Exploitation Office; NSA/< 
IN- 06-0005 

• 

tST Background The Geospatial Exploitation Office (GEO).bej 

(b) (1) 

(b) (3)-50 use 3024 (i) 
(b)(3)-P.L. 86-36 

css IG; 

gan operations in 

• 

• 

• 

• 

• 

* _____ 


The primary objective will 


be to assess GEO’s mission effectiveness and their ability to satisfy requirements and 


information needs levied on the organization. The inspection will determine whether the 
current organization’s missions and functions are being properly executed in an efficient 
and effective manner; whether missions and functions are accurately portrayed and being 
accomplished; establish whether missions performed are appropriately placed within the 
product line; and will identify any impediments, which hinder the efficient and effective 
execution of their missions and functions. 


QLCRLTtflOlOmJ 
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(b) (1) 

(b)(3)-P.L. 86-36 


-(6) Office of Middle East a 

-(©) Background. T 1 

Directorate for Analysis and 
and North Africa (MENA). 

. ♦ > •* ' 

• * .•* 

nd North Africa; NSA/C 3 S IG;-lfi- 06-0006 

le mission of the Sigrials Intelligence Directorate‘s Deputy 

I Production includes the'eountries located ip the Middle Ea 


The Offiepot MENAI. ’ 

% 

• ‘ 

i ^ . 



Our inspection will evaluate the mission effectiveness of MENA 


Regional Review; NSA/CSS IgJ[ 


__ 

■( 6 ) -Background^The OIG plans to conduct a regional rerinew of j j sites that are 

focused on j . ♦ ^ including support to counterterrorism.’Our_ 

review will assess s ke operations, compliance with intelligence oversight requirements, | | 

I ^nd local support activities. 

(U) Followup Review of Access to SIGINT Databases; ^isA/CSS IG; ST-06-0003 

-(9) Backgound. Information sharing and data access continue to be major 
priorities across the Intelligence Community (IC).‘.To jumpstart the info rmation-sharing 
concept, several efforts were initiated, most notably, the* efforts to providej | 



(b) (3)-P.L. 86-36 


(b) (1) 

(b) (3)-50 use 3024(i) 
(b) (3)-P.L. 86-36 


^ECR£r//20291123 
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(b) (1) 

(b) (3)-50 use 3024 (i) 
(b) (3)-P.L. 86-36 


\ 

% 


SE MIANNUAL REPORT TO THE CONGRESS 


(b) (3)-P.L. 86-36 


i.' -(U) for the Period October 1, 200Z Through March 31,2008 




INSA/CSS IG;{ 


□ 


( i S i Vn & fe .)*Summary. During SeJ)tember and October 2007, the NSA/CS S Officef.o f 
the Inspector General (OIG) conddeted a special inquiry into an allegation that] ■! 


We found no violations of NSA's legal compliance and 

njinimization proc^ures and issued no formal recommendation, but we observed that 
additional oversight familiarization training was needed. 

(U) Overall fteport Classification. SECRET//COMINT//RELTO USA, FVEY 

(U) Category .'.Other (Operational Authorities) 

(U) Contract WarehoUjse Operations; NSA/CSS IG; AU-07-0019; 14 November 2007 

Summary. In support of the Information T echnology Directorate (ITD), 
i;he Agency contracts for’warehouse space to store more th an f [p ieces of information 

he 


technology equip ment arid nai^ valued at 


These warehouse services cost 


the Agency aboutj_ annually. We performed this audit to evaluate the 

effectiveness and efficiency, of the storage facilities contract’to satisfy the Agency’s 
J-equirements and needs. Our auditfound that the Contracting Officer Representative must 
develop and implement a sampling plari tq verify the accuracy‘of the contractor’s inventory 
records. Additionally, the Property Acquisition Support Office must tag ^1 of the ITD’s 
ipilferable items destined for fhe contract wareh’eruse and account for them in the Defense 
."Property Accountability Syste m as required by NSA/CSS FinanciatManagement Manual 7 - 
2. Finally, some deliveries are 


(U) Management Action. Management concurred with the recbnj’mendations. 
(U) Overall Report Classification. SECRET//NOFORN 
(U) Category. Acquisition Processes and Contract Management 


(b) (1) 

(b) (3)-P.L. 86-36 


(U) Agency’s Streaming Media Capability; NSA/CSS IG; AU-07-0020: 

4 December 2007 

(U// gOU 0 ) Summary. In April and July 2007, the OIG received similar hotline 
complaints about organizations duplicating streaming media and web services to the 
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Agency. In a 2006 Inspection Report, OIG found the same problem—Agency organizations 
use their own personnel or pay contractors to provide multimedia servi ces instead of using 
the corporate authority (Office of Multimedia Solutions). Although the| 

_;___! has a legitimate 

role in providing operational streaming media in support of Signals Intelligence analysts, it 

has, on limited occasions, duplicated services offered by the Office of Multimedia Solutions. 

Although this office is responsible for web design and development of organizational and 

project websites on the NSA intranet as required by NSA/CSS Policy lo-iy, other 

organizations are performing identical services. Duplication occurs because responsibilities 

of the Office of Multimedia Solutions and other Agency organizations are not clearly 

defined. ; 

\ ■ 

■ 

(U) Management Action. The Chief of Staff and Technology Directorate concurred 
with all recommendations and have initiated corrective actions. : 

(U) Overall Report Classification. SECRET//REL TO USA, FVEY 

(U) Category. Other (Information Technology) rr 


\ —/- ±j |(b) (3) “P.L. 86-361 

^ . V 2 1 

(U) Laptop and Other Portable Computing Devices AcbpUntability; NSA/CSS IG; 

AU-07-0005; 4 December 2007 . * • 

• • * ♦ * ' ■ 

(U/ifOU©) Summary^ Sinte 2000, the Agbncy has focused on impro’^nng its 
accounting of portable jcomputing devices (PCDs), such as laptop conlputers.’ 
Non etheless, qs.of *2*9 June 2007 the Agen.(^*had not accounted for some] of the more 

than I ^ CDs in use at NSA over the period 2000-2007. Our audit found that, 

although improvements had been ]^de in tracking and identifying PCDs at the Agency, 
the audit trail for PCDs was inefficient and, in some cases, non-existett, especially for 
the hand-receipt process for Agency-owned and contractor-provided PCDs. Despite 
adequate accountability procedures for incoming property through Central Receiving, 
Agency personnel could bypass that process. Consequentiy, PCDs were brought into the 
Agency and not properly accounted for in property records. Missing or unaccounted for 
PCDs were not qlways reported as soon as they were known to be lost.;Meaningful 
investigation s cannot be conducted when missing PCDs,| 

I f are not reported quickly. 

(U//POU©) Management Action. After issuance of the audit report in December 
2007, the Director, NSA/CSS tasked the Agency’s Senior Leadership Team (SLT) to 
address the persistent problem of unaccounted-for laptops within the Agency. From 
December 2007 until February 2008, under the leadership of the Chief of Staff, the 
Agency conducted an exhaustive search for laptops, significantly reducing the number of 
unaccounted-for laptops identified in our audit report; developed a new Standard 
Operating Procedure (SOP) for laptop controls and accountability; approved technical 
measures to protect data on PCDs and track laptops; and withheld performance bonuses 
for 2007 for most SLT members until the search had been concluded and the SOP 
developed. 

(U//rOUO) In February 2008, the SLT directed a number of actions, including 
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(b)(3)-P.L. 86-36 


the preparation of a written report on these issues. On 7 Ma^ch•20og^^ the Deputy Chief 

of Staff submitted the required report to the SLT. it included'a history of the laptop 

accountability issue at NSA since 2002, results of the receht intensive efforts, and major 

actions that lie ahead. Attachments to the report inchMed detailed results of the search 

and the new accountability procedures prepared by the OIG, Office of-General Counsel, 

Directorate of Security, and Directorate of Installations and Logistics.’. 

♦ * • 

(U) Overall, the Agency is seriously addressing the issue of laptop accountability 
and is well on its way to establishing a sj^stemic solution to this challenge, incorporating 
procedures that could be considered for adoption elsewhere in the Intelligence 
Community. ^ ’ ! ; 


) ( 1 ) 

)(3)-P.L, 86-36 


(U) Overall Report Classification. TOP SECRET//COMINT//NdFORN 


u,. (U) Category. OthwOnformationTechnology) 


I NSA/CSSIG;^ ■ 

*1. *./*•♦ ^pth reports) • •.. _ ' !-- 

(3//R£jb) Sumrn’al^: .We visited two|_ [ sites selected 

on the basis of .risk, location, and*reported oversight issues. Our reviews assessed site 
operations, local- customer sl ipport. ahd.ppmpliance with intelligence oversight 
requirements an q * ♦ p nsthictions. Xt'e^ch site, we found some discrepancies 
between policy and the execution of Emergency B'estr^ic tion Exercises. At one site, su pport 
to law enforcement was notjully coordinatedj • I 


(U) Management Action.] [management atthe sites advised ]^ ♦.| hQ that all .* 
employees had participated in Emergency Destruction Exetcises after receiving ol yifica tion 
on procedures. Employees at one site have been reminded of the ren nif pTnents of ] • j .* 

The other site will 


ave a comprehensive environmental survey performed in 2008, and . .* 

has confirmed receipt of a secure telephone. 77 


reports) 


(U) Overall Report Classifications. TOP SECRET//COMINT//NOFORN (b’eth 


(U) Category. Joint Warfighting and Readiness 


(b) (1) 

(b)(3)-P.L. 86-3f 


(U) Inquiry From Congress Concerning Possible USSID SP0018 Violations; 

NSA/CSS IG; ST-08-0017; 17 December 2007 

(U) Summary. In response to a request from the office of U.S. Senator Leahy of 
Vermont, we reviewed allegations of improper intelligence activities and violations of 
SIGINT authorities made by a citizen of Vermont, who had been a U.S. Army Reservist 
deployed to Fort Gordon, Georgia, in October 2001. We were unable to substantiate the 
allegations since the Reservist had never been assigned to NSA and had not performed an 
NSA mission while deployed. 

(U) Management Action. We provided our findings for further action to the 
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olculwrel to uga, 


Assistant to The Secretary Of Defense (Intelligence Oversight) and the Inspectors General 
of the Department of Defense, Depaitment of the Army, and the U.S. Army Intelligence and 
Security Command. 

(U) Overall Report Classification. SECRET//COMINT//NOFORN (b) < 3 )-50 use 3024 (i) 
(U) Category. Other (Operational Authorities) • 


(U) Joint Inspection of NSA/CSS Europe; NSA/CSS IG; AFISRA IG; INSCOM IG, 

NNWC IG; JT-07-0004; 18 December 2007 

(0//nCL) Summary. The IG organizations of the Air Force Intelligence, 

Surveillance, and Reconnaissance Agency, Naval Network Warfare Comm and. Intelligence * 
and Security Command, and NSA conducted a joint inspection at Stuttgartj I 

Germany, in September 2007. For at least two vears, NSA/CSS Europe leadership ' 

(NCEUR) has focused onf • \ 

[ Tlie 

SIGINT Director has supported these initiatives and has adopted certain authorities. Under 
NSA/CSS Policy 1-3 on governance, the NCEUR transformation must be appropriately 
codified. Each Senior Functional Authority responsible for mission and enabling functions 
must formally delegate authorities in its management directives and allocate appropriate 
manpower and financial resources. Inspectors found many in.the NCEUR workforce were 
unaware of or confused about their own and other organizational roles in the ongoing 
transformation. More effective communication of the NCEUR vision and the Director’s 
intent is a major challenge. Joint inspection activities uncovered several areas where 
additional management oversight is needed, including safety, logistics, property 
accountability, training. Intelligence Oversight and cover travel. 


(U) Management Action. Management concurred with all recommendations and 
corrective actions are underway. 

(U) Overall Report Classification. SECRET//COMINT//RELTO USA, FVEY 
(U) Category. Joint Warfighting and Readiness 


(b)(3)-P.L. 86-36 


(©jVnCLi) Retention of Domestic Communications Collected Under FISA 
Surveillances; NS/VCSS IG; ST-06-0007: 21 December 2007 


( 0 //RH-) Summary. While conducting collection operations authorized under the 
Foreign Intelligence Surveillance Act (FISA) of 1978, as amended, NSA might incidentally 
collect domestic communications subject to limitations. Our evaluation, conducted from 
September 2006 through August 2007, showed that: 1) although NSA collection systems 
and raw traffic databases can be programmed to facilitate compliance with retention 
procedures, some processing and retention procedures had not been programmed; 

2) appropriate training on how data repository systems can improve analyst compliance 
with retention rules should diminish the unintentional override of these features; and 

3) developing an automated dissemination system could lower NSA’s risk of 
noncompliance. 


(U) Management Action. Management concurred with the recommendations. 


S CCREWREL TO U 6 A, TOjV 
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6EGREWIWL TO U6A, f 


* • • f ^ 

Corrective actioii are underway on programming and training, and management is 
devising a plan td-lower risks associated with dissemination. 

(tj) Overall Report Clas’sification. TOP SECRET//COMINT//NOFORN 

(U) Category. Other (Operational Authorities) 


V--/I 

[NSA/CSS IG;. *. 



• • 

-^n^ — ---r-; — r — ^^^---=- 


----- - -^ ^ ^ ---- 

overall authoritj? iJndeT-which surveillance directed at persons reasonably believed to-T^e 

outside the United States could be conducted.. That Act has now expired, but the 

conclusions of tHe-OIG study are still vadid. .The OIG recommended changes in training and 

internal control procedures to avoid fufpre coliectioi\ incidents. 

•" **•*'•• • * 

(U) Mana^ment Action. Management concurred"vHtb all recommendations and 

corrective actions are underway. *. * * • ' 

(U) Overall Report Classification, TOP SECRET//COMINT 

(U) Category. Other (Operational Authorities) 

\ • • \ 
mi Inquiry Intd • iTaskino lijiriAnts in ) 


(b) (1) 

(b)(3)-P.L. 86-36 


NSA/CSS 


(OZ/nCL) S omm ary. During AugustMid‘Se Dtembef.2007. the OIG conducted 
special inquiry intoi I incidents that took place in| 


IG: 


t 


limited period, but NS.A eOuld not verify whetherL 


]The OIG 


recommended cji anges in internal control procedures to avoid hiture compromise of 

(U) Management Action, The SIGINT Directorate concurred with the 
recommendations and has proposed plans to protect the data. 

(U) Overall Report Classification. TOP SECRET//COMINt ] 

(U) Category. Other (Operational Authorities) 


J/NOFORN 


(U) Information Technology Enterprise Management System; NSA/CSS IG; 
AU-06-0018; 21 December 2007 

(©//nCL) Summary. In FY2002, Congress recognized the need for an Information 
Technology Enterprise Management System (ITEMS) program at NSA. Although the 
Agency has been slow to implement an Enterprise Management System (EMS) that will 
monitor the health, status, and security of the Agency’s Information Technology (IT) 
Infrastructure, ITEMS is currently regarded as a key program in the Agency’s IT 
modernization effort. of 30 June 2007, the estimated cost of the ITEMS program 

~1 Our audit found that program requirements are not well defined 


(b) (1) 

(b) (3)-P.L. 86-36 
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(b) (1) 

(b)(3)-P.L. 86-36 


because of inadequate stakeholder involvement, a-Weak governance process, and 
insufficient senior Agency manageiri|rit‘Sponsorship, Without full funding and adequate 
staffing, ITEMS may not me et its goal of delivering a centralized EMS capability to NS,A( . As* 
a result of recent budget cuts 


Further, the program’s small government staff creates the risk of inefficient 


program management and potentially puts too much reliance on contractor support for 
important program work and decision-making. 

(U) Management Action. Management concurred with all recommendations, and 
corrective actions are underway. 

(U) Overall Report Classifications. TOP SECRET//COMINT//NOFORN 
(U) Category. Joint Warfighting and Readiness 


(b)(3)-P.L. 86-36 


• • • 1 
♦ ♦ 


(U) Quick Reactiori Report . _ 

I I bloseout; NSA/CSS IG{_ 


a 


( GZ/nCL ) Sum mary. On ^ August 2007. the OIG rece ived a complaint that alleged 


mi smanagement of the [ 
the[ 


. closeout. Our ongoing audit of 
jcioseout disclosed a problem that warrants 


immediate attention by Agency leadership because valuable resour ces are being expended 

The complaint 


specifically questioned C 


1 


I . . I We found that the r *. y|had 

not conducted sufficient research to determine the most cost effective ' method for II \ 

*1 ■ 



(U) Overall Report Classification. UNCLASSIFIED//FO‘R OF fflCIAL USl^ONLY 
(U) Category. Joint Warfighting and Readiness 


(b) (1) 

(b) (3)-P.L. 86-36 


(U) Follow-up Audit of the Special Study of Time Synchronization; NSA/CSS IG; 
AU-07-0018; 23 January 2008 


(U //rOUO) Summary. To accomplish its various missions, NSA must reliably affix 
accurate time-date stamps and, when available, geolocation information on all collected 
signals. However, NSA currently has no way to certify the accuracy of time-related 
information, even to the extent of accurately specifying the order of events. Key Agency 
organizations agree that synchronized time is crucial to the mission and must be 
established. To fix this long-standing Agency problem, the Time and Frequency 
Coordination Authority (TFCA) was established in May 2006. The objective of our audit 


gccncr//Mj£ ro ugii; 
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was to follow-up on the TFCA’s progress to establish and implement an enterprise-wide 
time synchronization solution. Oiir follow-up audit found that, although TFCA has the 
authority, it does not have the organizational structure and resources necessary to direct 
and implement a time synchronization solution. The TFCA has not developed an 
acquisition plan, which would define user-timing requirements and include key 
performance goals, to eliminate the Agency's time synchronization deficiencies. 
Furthermore, the TFCA has not developed time standards and policies to ensure that 
consistent timing practices are applied across the Agency in support of the Signals 
Intelligence mission. 

(U) Management Action. The Chief of Staff, Chief Technology Officer, and Senior 
Acquisition Executive agreed to implement corrective actions for the recommendations. 

(U) Overall Report Classification. TOP SECRET//COMINT//REL TO USA, FVEY 

(U) Category. Joint Warfighting and Readiness 


(U//r0U0) Follow-Up Inspection of NSA/CSS Accuracy in Aligning Military Joint 
Duty Assignments with Billet Specifications; NSA/CSS; IN-08-0003; 

24 January 2008 

(U//rOUO) Summary. The inspection, conducted in August 2007, was a follow-up 
review of an earlier OIG recommendation concerning NSA’s compliance with a limited 
aspect of military joint duty assignment (JDA) regulations. The main areas for 
improvement cited in the inspection include: 1) establishing uniform expectations of Officer 
Assignment Managers’ roles and responsibilities by setting verification ft-equency dates and 
assigning explicit JDA billet authorities; 2) adhering to the NSA Personnel Management 
Manual, Chapter 201, when reassigning JDA officers; and 3) finalizing the Certification 
Plan, which has been in draft since 2006. 


(U) Management Action. Management concurred with the recommendations and is 
taking corrective action. 


(U) Overall Report Classification. CONFIDENTIAL 


(U) Category. Human Capital 


(b) (3) -P.L. 86-36 



(U) Advisory Report on TURBULENCE Program Management; 4^SA/CSS IG; ■’ 
AU-08-0007; 11 February 2008 ;• 


(U//rOUO) Summary. A centerpiece for Agency transformation is the development 
of a series of mission modernization capabilities knoW as TURBULENCE. TURBULENCE 
focuses on the development and fielding of an^chitectural framework to modernize 
mission capabilities in a distributed, peer-to-peer, real-time environment. When ; ! 
TURBULENCE moved from research to d evelopment, it became part of the | ‘ | 

, ♦ * * ~f On 9 January 2008, the first increment of ] I 
known as Increment I Passive," was granted approval by the Milestone Decision Authority to 
proceed to the next phjis6, system development and demonstration. Our advisory audit 
reported th at the A gency must commit to full and timely TURBULENCE implementation 
through the I [ program. Although concrete steps have been taken to increase program 
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management rigor, only the initial ] ~|i ncrement has been defined, and funding for a 
critically-related IT infrastructure project is in question. Program management is also 


_to su 

"oirfevi 


support program operations. As a result of t hese fi ndings, the OIG will 


I, 


begin a series of reviews for this fiscal year on selected areas of[ 


(U) Overall Report‘Classification. TOP SECRET//COMINT//NOFORN • 

* •. . 

(U) Category. Joint Warfighting*and Readiness ♦ 

’ • • . ■ 

(U) Signals Survey and Analysis Division Within the Ofttceof Target Pursuit; 

NSA/CSS IG; IN-07-0004: 6 March 2008 * *[(b)T 3 )-i.L. ss-se f 

. • • J 

(U/ FOUQ) Summary. The inspection reyiewed the Signals Survey and Analysis 
(SSA) Division for efficiency, effe ctiveness, and compliance, ahii to determi ne the 
relationship between.SSA-amd'theL 


and the 


functio gal boundaries between SSA and | ; • | 

I f Our inspection found a lack of strategic direction for the SSA workforce. Existing 
strategic plans do not address the role of signals analysis or SSA specifically. Since the 
inspection, SSA leadership has drafted a strategic plan th ait dev ils specific objectives and 
measurements for the SSA workforce. Although SSA and l p hare compatible missions, 
their organizational separation hampers dialo pie and lim its operational collaboration. 
Finally, we found that SSA’s relationship with f ( is inconsistent and collaboration is 

limited. While the relationship has improved with the division's renewed focus on the 
Centers, interaction is still based primarily on personal networks. 

(U) Management Action. Agency management concurred with the 
recommendations. 

(U) Overall Report Classification. SECRET//COMINT//RELTO USA, FVEY 

(U) Category. Joint Warfighting and Readiness 


(U) Oversight Review of Restaurant Fund, Civilian Welfare Fund, and Cryptologic 
Museum Gift Shop; NSA/CSS IG; AU-08-0015; 7 March 2008 

(U //rOUO) Summary. The financial statements of the Agency's Restaurant Fund, 
Civilian Welfare Fund, and Cryptologic Museum Gift Shop were audited by a Certified 
Public Accountant firm (CPA) who issued unqualified opinions. Our oversight review of the 
CPA audit found that the audit was conducted consistent with Government Auditing 
Standards. Last year, the CPA audit made four recommendations: (i) require contract 
auditors to be on-site to observe year-end inventory closeout, (2) require Sodexho to fulfill 
its contractual obligation to provide an annual audited profit and loss statement to the 
Restaurant Fund, (3) maintain and track fixed asset records in one database, and (4) 
require Nonappropriated Fund Instrumentality (NAFI) managers to supervise inventory 
counts and verify that inventory counting procedures are followed. NAFI management has 
addressed and corrected each of these recommendations. The CPAs did not identify any 
management concerns this year. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
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(U) Category. Financial Management 


(U) Agency’s Transition to Internet Protocol Version 6; NSA/CSS IG; AU-08-0004; 
26 March 2008 


{U//rOUO) Summary. The audit objective was to determine the Agency’s progress 
in transitioning to Internet Protocol Version 6 (IPv6) and fulfilling the Information 
Assurance (lA) requirements established by the DoD and Director of National Intelligence. 
The Information Assurance Directorate has proven to be a valuable lA resource for the 
overall transition effort. However, NSA’s transition status stands in contrast to the Office of 
Management and Budget’s FY2007 assessment that more than half of the agencies are on 
track to meet the deadline. Our audit concluded that the Agency’s transition to IPv6 has 
been stalled. The transition plan has not been approved by the Chief Technology Officer, 
and the Agency lacks a Program Management Office to manage and coordinate the 
transition to IPv6. We also found that recently acquired Information Technology (IT) 
devices may not process both IPv6 and its predecessor. By accepting the risk that IT devices 
may not process both, the Agency could delay implementation and incur increased costs. 


(U) Management Action. The Technology Directorate (TD) concurred with our 
recommendations, and the LAD agreed to assist TD with information assurance support on 
IPv6 transition efforts. fTbmPi 


-P.L. 86-36 


(U) Overall Report Classification. UNCLASSIFIED//F9R.OFFlCm USE ONLY 

(U) Category. Joint Warfighting and Readiness* * ’ * . ♦ ‘ .* 

. • * ♦ ♦ . 

. . • ’ 

(U) Vehicle and Driver Services: NSA/CSS IG; AU-08-0003; 31 March 2008 

• • * ♦ ^ * * 

(U //rOUO) Smnmafy. The audit objective waS’to determine whether Jhe Agency 

onerat ^ an efficient and effective vehicle progrE^m.’ As of September 2007, th e Age ncy 
owned | [ vehicles and transportation assets*. Tn addition, the Agency leased ] V ehicles 

and assets. Our audit found that, with few exceptions. Comm uter and Motorfleet Services 
does not operate an e fficient vehicle program of almost | V ehicles and assets. In FY2007 

the Agency spent over | ( on vehicles and maintenance. However, more than half 

of the Agency vehicles reviewed had been used less than 50 percent of DoD’s mileage 
guidelines. The Agency does not have a process for reviewing usage to determine whether 
or not a vehicle is needed or whether vehicles should be leased or purchased. Consequently, 
the Agency is leasing transportation assets that would be more cost-effective if purchased. 

(U) Management Action. Management concurred with all recommendations and 
corrective actions are underway. 


(U) Overall Report Classification. SECRET//REL TO USA, FVEY 


(U) Category. Other (Logistics Services) 


(U) Procurement Fraud Initiative; NSA/CSS IG; Various Control Numbers; 
1 October 2007 to 31 March 2008 


(U //FOUO) Summary. In October 2007, we launched an initiative to identify fraudulent 
billings by NS A contractors. This initiative involves data interrogation of contractor 


f gffRgTV/REL TO UCit; 
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access records, coordination with contractor compliance officials, analysis of billing 
records, and investigation of access add billing anomalies, 

(U//FOUOt‘After a six-month run, our initiative has produced significant results. To 
date, we have identified several hundred potential mischarging matters, opened 38 new 
mischarging investigations, and completed 14 mischarging investigations, in which we 
substantiated more than 4,400 mischarged hours, amounting to approximately 
$500,000 in potential recoveries. 

(U //rOUO) We are closely coordinating this initiative with the Defense Criminal 
Investigative Service, Baltimore, and the Office of the United States Attorney for the 
District of Maryland. 


GLCREWREL TO 
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(U) NSA/CSS OIG ACTIVITIES RELATED TO 
COUNTERTERRORISM 


(U) Advisory Report on NSA Participation in the Terrorism Watchlisting Process; 

NSA/CSS IG; ODNIIG; JT-07-0006: 4 December 2007 


(U //rOUO) Summary. In December 2006, the Intelligence Community Inspectors 
General Forum agreed to coordinate a review of the processes for nominating individuals to 
the consolidated terrorist watchlist. This advisory report responds to the Forum’s 
Memorandum of Understanding, 19 March 2007 (amended and restated as of 7 May 2007), 
that required the NSA Office of the Inspector General to participate in a joint review. A 
team of inspectors from the ODNI and NSA conducted a joint review of NSA's participation 
in the terrorist watchlist nomination process from March to Septem ber 2007. The advisory 
report high lighted that; 1) no formal process exists for the review o fj 

p) no standardized format exists for submitting watchlist-nominations; and 3) no 
Intelligence Community-wide training is available on the watchlist nomination process. 
These observations were included in the ODNI’s inspection report, Ititelligence 
Community-Wide Review of ihe-Terrorist Watchlist Nomination Process: Findings and 
Recommendations for Action, 28 Febniary2Q08. 

* * • N 

(U) Management Action. Management has mitiateji action iij several areas 
highlighted by the joint IG team. ‘ . ■_ 

|(b)(3)-P.L. 86-36 

(U) Overall Report Classification. SECRET//NOFORN. . { 

(U) Category. Joint Warfighting and Readipess 

- • * ♦ ♦ _ * 


• ♦ 

(U) Geospatial Exploitation Office:*NSA/CSS IG; IN-06-0005; 22 January 2008 • *. 

. • L* * „ ~ „ ' * 

(U//FOU©') SummarV. During an OIG organiiational inspection, the Geospatial • 

Exploitation Officfe f . • * ♦' 

f Nevertheless, the recommendations ip the final report still apply to the GEO 

mission. Our inspection found that Signals Intelligence Directorate CSID) leadership .’ 

concurs with the need to define and disseminate a clear division of effort across the | 


Extended E nterprise. Since the on site phase of the inspection, SID’s Office of Analysfe and 
Production’s! Jof the.GEO mission addressed many problems. However, 


throughout the inspection, SID was un&ble o r unwilling to exercise ahv authority over.'the 
geospatial exploitation mission con ducted in 


GEO training, particularly for[ 


J 


must 


be relevant and formalized. 


(U) Management Action. SID Management concurred with the recommendations. 
Although SID did not provide final action plans on several recommendations made in the 
draft report, the IG published the final report, including estimated completion dates, and 
will address those recommendations during the follow-up phase. 


(U) Overall Report Classification. TOP SECRET//COMINT//NOFORN 
(U) Category. Joint Warfighting and Readiness 
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(U) SEMIANNUAL REPORT TO THE CONGRESS 


(b) (3)-P.L. 86-36 


(U) For the Period April 1,2007 Through September 30,2007 


(U) Government Purchase Card Program; NSA/CSSIG; AU-06-0016:12 April 2007 

(U/ZrOfeJO) Summary. Our audit found that the Agency has sucsjessfully 
implemented a ^vernment Pu rchase Card program and, for die most part, has effective 
(xmtrols over th q l in annual purchases for FY2006. Unlike msiny agencies, 

NSA only issues credit cards to a small percentage of personnel; this limits finannial 
exposure to wrongdoing and inadvertent misuse. Cardholders and certifying officials 
praised the program coordinators for their helpfulness and responsiveness. Nevertheless, 
the control environment needs strengthening in certain areas, including enforcement of 
requirements to get information technology purchases approved. 


(U) Management Action. Management concurred with all recommendations to 
strengthen the control environment. 


(U) Overall Report Classifications. SECRET//NOFORN 
(U) Category. AcMjuisition Prcx^sses and Contract Management 


(U) Oversight Review of Restaurant Fund, Civilian Welfare Fund, and Gift Shop; 

NSA/CSS IG; AU-07-0014; 15 May 2007 

(U) Summary. The financial statements of the Agency's Restaurant Fund, Civilian 
Welfare Fund, and Qyptolo^c Museum Gift Shop were audited by a Certified Public 
Accountant (CPA) firm who issued unqualified opinions. Our oversight review of the CPA 
audit found no problems in the conduct of the audit by the CPA firm. The two problems 
reported last year - the need for a new Nonappropriated Fund Instrumentalify (NAFI) 
contract and the need for a high-speed Internet connection - have been addressed. 
Additional concerns identified in the current year’s report are: 1) the restaurant contractor 
did not submit an annual audited profit and loss statement as required; 2) contracted CPAs 
were not on-site to observe the year-end closeout inventory; 3) records are not maintained 
and tracked in one dedicated database; and 4) NAFI management did not observe inventory 
counts to ensure adherence to prescribed proredures. 

(U) Management Action. Management is in the process of implementing the audit 
recommendations. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Financial Management 


Derived From: NSA/CSSM 1-52 
Dated: 20041123 
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(U) Chemical, Biological, Radiological, Nuclear Terrorism; NSA/CSS IG; 
IN-06-0002; 24 May 2007 

(C//nCL) Summary. As “the nexus between terrorism and weapons of mass 
destruction,” the Chemical, Biological, Radiological, and Nuclear (CBRN) Terrorism 
mission is vital to national security. Our functional inspection of CBRN found that the 
CBRN workforce at NSA/CS S Washington fNSAWl and the Cryptologic Centers (CCsl is 
very talented and dedicated. I 


(U) Management Action. Management concurred in the recommendations and is 
taking corrective action. 

(U) Overall Report Classification. TOP SECRET//COMINT//NOFORN 
(U) Category. Joint War fighting and Readiness 


(b) (1) 


(b) (3)-P.L. 

96-36 


(U) SIGINT Dissemination for Analytic Collaboration per USSID CR1611(P); 

NSA/CSS IG; ST-06-0017; 25 May 2007 

(U) Summary. Provisional United States Signals Intelligence Directive (USSID) 
CR1611, SIGINT Dissemination for Analytic (Jollaboration, implements policy for the 
dissemination of SIGINT, either as a product or service, or for analytic collaboration. The 
USSID has been provisional since 2004. Our special study found that it does not institute 
adequate internal controls and implementation procedures are unclear and inconsistent 
with N^ dissemination practices. As a result, NSA cannot account accurately for SIGINT 
disseminated under the USSID and there are inconsistent interpretations of what 
constitutes appropriate dissemination during collaboration activities. If SIGINT is 
disseminated before it is minimized for U.S. Person information, violations of Legal 
Compliance and Minimization Procedures (USSID SP0018) could occur. 

(U) Management Action. The Signals Intelligence Directorate (SID) management 
concurred with the report’s finding and recommendations. SID agreed to reissue the 
USSID, establish a plan to educate the workforce on USSID standards, and establish quality 
control of SIGINT disseminations during analytic collaboration. These actions will reduce, 
but not eliminate, Ae risk. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Joint Warfighting and Readiness 


(U/VrOUO) M ission Operations at the 
NSA/CSS IG ;j 


(G//nCL TO UOA, AUQ. i OAN, QDn, MEL ) Summary. The NSA/CSS OTG mndnctfid 
this assessment of Mission Oi)erations and Governance at the 


concurrent with the UJS. Army rntelligence and Security 


■ 4 

(b) (3)“P.L. 86-36 
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Command (INSCQM)*insp^on’ofthe| T^ I Overall, the 

is performm g dt an exceptional lev^ given its limited resources. However, the successol 
the j I transifrnland the Site’s ability to take on nddidonal mission responsibility hinges 
on clearly defip^ authorities, responsibilities, and^sufficient resources. Our inspection also 
found t hat the lack of a clearly defined and documented management structure within 

_is causing tonfusion for the workforce and Aereby negatively impacting current 

operations; reporting deficiencies were noted due-to gaps in reporting expertise at the site; 
and criti cal programming and manpower actions.inust be completed in the near term f or 
p attain and sustain the| 

Center mission requirements as set forth in thf* t^nci>pt p lan . 

(OiVnCL TQ UOA, AUO, QAM, OPn, Mffl -) Management Action. SID Management 
concurred with all findings f management non-concurred with one of the 

findings; however, the site is already attempting to clarify the leadership roles to the 
workforce, as recommended. 

(U) Overall Report Classification. SECRET//COMINT//REL TO USA, AUS, CAN, 
GBR, NZL 

(U) Category. Joint Warfighting and Reading 


(U) Advisory Report on the Research Project on Governance for Agency [ 7 ^ 777 ;- 1 

Programs; NSA/CSS IG; AU-07-0003; 22 June 2007 |(b) (3)-P.L . 86-361 

(S//REL TO USA, AUO, GiUf ODR, HiSL) Summaiy. At theTfeqii^t ofNSA’s Deputy 
Chief of Staff, the OIG pe rformed this re yipw to determine what acqmsition oversight is 
being performed over the j j in FY 2007 Research,, DevfeIopn;ent, Test & 

Evaluation funds. We concluded that ^most all of the.funds received some degree of 
oversight by the Directorate of Acquisition (DA) and that the Ageiicy improved this ' 

oversight by: 1) increasing th e number of RroCTam Executive.Omces (PEOs) in the new DA 
organizational structure fix)m I 1 2) creating the Tier 1 list of programs (major 

investment programs that are critical to NSA’s transfprmation and are directly managed by 
the PEOs); and 3) implementing new acquisition guidance. 

(U) Overall Report Classification. TOP SECRET//COMINT//RELTO USA, FVEY 

♦ ■ 

(U) Category. Acquisition Proc^^ and Contract Management 


(U^rOUO) Satellite Modernizatioh 
NSA/CSS IG;| .•-! 


’rogram Management; 


( QZ/nCL TO UOAi AUO. QAM. QPn . Ng t.VSummarv. The P rogram Management; 
Office (PMO) for Satellite Modernization - | has demonstrated 

effective leadersMp, strong oommunication with the partners, and innovative, cost-effecrtave 
solutions to te dmical issp^ in managmg this critical program, valu ed at approximately ‘ 

;| However,* our apdit found that collaboration with the| | 

partners is impeded Ify the conflicting standards and requirements ot eacH pamcipatmg'' 
partner, which the PMO is responsible for resolving. Additionally, based on two of the 
dollar threshold^ specified in Department of Defense Instruction 5000.2, Operation of the 


(b)(3)-P.L. 86-36 
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Defense Acquisition System, as implemented by NSA/CSS Policy 8-i, the SV program 


(U//rOliOt Management Action. The actions taken by tiie Senior Acquisition 
Executive meet the intent of the recommendations on the acquisition issues. The Office of 
the Director of National Intelligence will not include the SV Program on the Major System 
Acquisition list because it is too far along in the acquisition cycle. NSA’s Office of Policy & 
Records provided an alternate recommendation addressing partnership concerns. 
Therefore, the OIG is referring this recommendation to the Chief Technology Officer for 
action. 


(b) (1) 

(b)(3)-P.L. 86-36 


(U) Overall Report Classification. TOP SECRET//COMINT//RELTO USA, FVEY 
(U) Category. Acquisition Process and Contract Management 


' • ^ 

(U) FY2007 Report on Compliance with the Federal Information Security 
Management Act at NSA/QSS; NSA/CSS IG; AU-07-0009; 31 July 2007 

( C//nCL TO UOA, AUS, GAN, .GBR; Ngti ) Summary. Our FY2007 report on 
compliance with the Federal Information Secvu^ty Management Act at NSA/CSS concluded 
that the Agency is making steady improvements to the security posture of ite svstPiTns an d 
networks. However, much more work must be done tol | 


(U) Management Action. Management concurred with the recommendations and 
continues to take corrective action. 


(U) Overall Report Classification. TOP SECRET//COMINT//NOFORN 
(U) Category. Information Security and Priva<g^ 


(U) Mission Alignment and Build Out; NSA/CSS IG, ST-07-0005: 6 August 2007 

(U^FOUO) Summary. The IG team began its special study of Mission Alignment 
and Build Out in April 2007. The special study was undertaken, in part, because 
information gathered from field and HQ inspections pointed to some human resomce, 
mission delegation, and roles, responsibilities, and authorities issues of vital importance to 
Agency transformation. Shortly after the study was initiated, the Signals Intelligence 
Directorate (SID) reapportionment discussions were made public. As our review 
progressed, it became clear the SID reapportionment would significantly affect our results. 
Although we curtailed Ihe study, we had gathered sufficient data to offer observations 
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highlighting some systemic governance and manpower issues. We found infusion about 
and inconsistencies between Enterprise governance policies and directorate-level 
implementing documents. Disciplined processes, an accurate mechanism' to track and 
maintain data on human resources, and the commitment of leadership ^ould enhance the 
Mission Alignment and Build Out initiative's ability to meet Transformation goals. While 
we did not make specific recommendations, we noted areas in need ofleadership attention 
to help ensure a unified Global Enterprise. 


(U) Overall Report Classification. UNCLASSIFIED//FOR OmCIAL USE ONLY 


(U) Category. Joint Warfighting and Readiness 




• 

NSA/CSS IG: AFiSRA; NNWC:|_ 


( 


(b) (1) 

(b) (3)-P.L. 86-36 


( 0//nCL TO UOA, AUSi CAM G B H | M gL) Summary. The IG organizations of the • 
NSA/CSS IG, Air Force Intelligence, Surveillance, and Reconnaissance Agency (AFISRA), ’. 
and the Naval Network Warfare Command (NNWC) performed file first joint inspection of * 


(U) Management Action. Management concurred wifii the findings of the joint 
inspection team and is taking corrective action. 


(U) Overall Report Classification. SECRET//COMINT//REL TO USA, AUS, CAN, 
GBR, NZL 


(U) Category. Joint Warfighting and R^diness 


(U) SIGINT Voice Processing System; NSA/CSS IG; AU-07-0015; 22 August 2007 






■ 
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(U) Management Action. Management concurred with all recommendations and 
corrective actions are imderway. 

(U) Overall Report Classification. SECRET//COMINT//RELTO USA, FVEY 
(U) Category. Joint Warfighting and Readiness 

(U) Acquisition Management; NSA/CSS IG; AU-07-0002; 23 August 2007 



(U) Management Action. Management concurred with all recommendations and 
has initiated or planned actions in response to the audit findings. 

(U) Overall Report Classification. TOP SECRET//COMINT//NOFORN 

(U) Category. Acquisition Processes and Contract Management 

(U) Advisory Report on the Followup Research of Activities Associated with 
Expeditionary SIGINT Deployments to Hostile Areas; NSA/CSS IG; ST-07-0015; 

24 August 2007 

(U #rOUO) Summary. This followup research continues the Office of the Inspector 
General’s examination of the processes associated with the deployment of NSA/CSS 
personnel to hostile areas in the Central Command Area of Responsibility (CENTCOM 
AOR). A 2006 IG report (Advisory Report on the Activities Associated with Expeditionary 
SIGINT Deployments to Hostile Areas) highlighted the need to standardize processes 
related to candidate selection, pre-deployment mission training. Information Technology 
(IT) support and corporate resolution of issues. For the followup, we evaluated data 


(b) (1) 

(b) (3)-F.L. 86-36 
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(b) (3)-P.L. 86-36 


provided by intemews and a web survey with NSA/CSS peisopnel who deployed to • 

fin 

addition, we interviewed representatives of organuations involved in the deployment 
process. We found that, overall, major process improvements have been made, particularly 
administrative processes consolidated by the NSA Deployment and Readiness Center. 
However, several areas require continued monitoring: mission training; IT investment; P3 
performance review, and oversight of time and attendance. 

(U) Management Action. Management concurred in the recommendations and is 
taking corrective action. 

(U) Overall Report Classification. SECRET//RELTO USA, AUS, CAN, GBR, NZL 

I 

(U) Category. Joint Warfighting and Readiness 


(U) Menwith Hill Station; AFISRA IG; NNWC IG; INSCOM IG; NSA/CSS IG; Other IG; 
JT-07-0003: 13 September 2007 


(0//nEL TO UOA, AUO, 0AM OOn, Wgfe. ) Summary. The IG organizations of the 
Air Force Intelligence, Surveillance, and Reconnaissance Agency (AFISRA), Naval Network 
Warfare Command (NNWC), Intelligence and Security Command, NSA, and another IG 
visited Menwith Hill Station (MHS) in June 2007. The joint IG team found that MHS has 
demons trated exceptional mission success and outstanding contributions to the SIGINT 


effort in 


Higher HQ and MHS leaders 


have taken remarkable steps since our last joint inspection m 2004 to effectively integrate 
and synchronize operations and support in a de manding enviropment. The following 
recommendations merit managemenVs attention: 



(U/yrOUO) Management Action. Management concurred with the findings of the 
joint inspection team and is taking corrective action. 

(U) Overall Report Classification. SECRET//COMINT//TALENT 
KEYHOLE//REL TO USA, AUS, CAN, GBR, NZL 

(U) Category. Joint Warfighting and Readiness 


(b) C) 

(b) (3)“P.L. 86-361 


(U) Status of Agency Study on Information System Security; NS/VCSS IG; 
AU-07-0001; 14 September 2007 


■(6) Su mmary. The audit determined whether the Agency had taken steps to 
implement tli ej "T recommendations for strengthening the Agency's 

information system security TX)sture. While our initial focus was to identify the status of thj e 


__Our review 

I found fiiat since 2000, numerous Agency studies, reports, and assessments of the 


» 

(b) (3)-P.L. 86-36 
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(b) (1) 

(b)(3)-P.L. 86-36 


}• 


(U//FOUO) Management Action. The Infonnation Technology and Information 
Assurance Directorates agreed to implement corrective action for all of the 
recommendations. 

(U) Overall Report Classification. TOP SECRET//COMINT//NOFORN 
(U) Category. Information Security and Privacy 



(U) Labor Mischarging; NSA/CSS IG; IV-07-0052; 12 September 2007 

(U//F 0 U 01 Summary. The NSA OIG substantiated an allegation that a contract 
employee mischarged an NSA Time and Materials contract between January 2006 and 
June 2007. We determined the contract employee mischarged 270 hours, amounting to 
approximately $22,000 in false billings. The contractor reimbmsed NSA that amount and 
dismissed the employee. The United States Attorney’s Office, District of Maryland, declined 
prosecution due to the contractor’s cooperation and reimbursement to NSA. 

(U) Management Action. The matter was referred to the ADS&CI for possible 
security clearance action. The company made restitution in accordance with our findings. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Contract Fraud) 


(U) Falsification of Crypto-Tape Testing Documents; NSA/CSS IG; IV-07-0036, 

30 August 2007 |(b) (3) -P.L. 86-36 

(U/rOUO) Summary. The NSA OIG conducted an investigation in response to an \ 
allegation that an Agency Cryptologic Fabrication worker forged the initials.( 5 f two Agency *, 
officials responsible for conclucting quality control tests on secure comn^unications tapes * 
(“crypto tapes”). According to the complainant, the subject employeeibrged the two » 

officials’ initials on quality control documents, but no auali lv contref testing had been \ 

conducted. Our investiEation .suKstantiated the allezation. I . * 1, 

♦ 

♦ 

( The forged testing records 

were discovered prior to shipment, and we verified that this lot of tapes received 
appropriate quality control testing before it was released for distribution. The United States 
Attorney’s Office, District of Maryland, declined prosecution in favor of administrative 
discipline. 

(U) Management Action. The Report of Investigation in this matter was referred to 
the NSA Aissociate Directorate for Security and Counterintelligence (ADS &CI) for possible 
action on the employee’s security clearance, and to NSA Employee Relations for 
administrative discipline. 

(U) Overall Report Classification. UNCLASSinED//FOR OFFICIAL USE ONLY 


gijcmjr//iiijij TO AUG, aw, opij mimomm 

8 


Release: 2019-06 
NSA:08765 





Doc ID: 6672181 


oeoretoubl (To ujjt, imo, ojw, obr, mutaomiio 


(U) Category. Other (Falsification) 

(U) Falsification of Medicai Center Document; NSA/CSS IG; IV-07-0028; 

15 June 2007 

(U //FOUO) Summary. The NSA OIG substantiated an allegation that an NSA 
employee falsified an official Government document in order to misrepresent her 
whereabouts to Agency management. The employee admitted she intentionally altered an 
Agency official’s writing on an Occupational Health, Environmental & Safety Services 
document. The NSA OIG previously substantiated significant time and attendance 
violations against this particular employee. 

(U) Management Action. The NSA OIG Report of Investigation on this matter was 
referred to the ADS & Cl for possible action on the employee’s security clearance and to 
NSA Employee Relations for administrative discipline. 

(U) Overall Report Classification. UNCLASSIFIED//FOROFnCIAL USE ONLY 

(U) Category. Other (Falsification) 

(U) Travel Voucher Fraud and Misuse of Government Charge Card; NSA/CSS iG; 
iV-07-0007; 30 August 2007 

(U //FOUO) Summary. The NSA OIG conducted an investigation in response to an 
allegation that an NSA Computer Scientist altered TDY itineraries and charged the 
Government for post-TDY “Rest and Relaxation” (R&R) trips to Thailand. Our 
investigation substantiated that the employee altered his official itineraries on four separate 
occasions to add a total of eight post-TDY R&R trips to Thailand. We determined the 
Government paid the employee’s air^e for seven of these eight R&R trips, and that the 
employee inappropriately charged airfare for all eight trips to his Government travel charge 
card. In addition to the cost of the airfare for the Thailand trips, a review of 38 travel 
vouchers submitted by the employee between 2004 and 2007 determined that the employee 
was mistakenly reimbursed for otiier non-reimbursable TDY expenses. The United States 
Attome/s Office, District of Maryland, declined prosecution in favor of administrative 
discipline. 

(U) Management Action. Our Report of Investigation in this matter was referred to 
the ADS&CI for possible action on the employee’s security clearance; to NSA Employee 
Relations for administrative discipline; and to the NSA Travel (3ard Program Office for 
initiation of a restitution action. The Agency has suspended the employee’s Government 
travel charge card. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Travel Voucher Fraud / Misuse of Resources) 

(U) Time & Attendance Fraud, Travel Voucher Fraud, Misuse of Government 
Charge Card; NSA/CSS IG; IV-06-0057; 31 August 2007 

(U //rOUO) Summary. The NSA OIG conducted an investigation based upon 
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(b) (3)-P.L. 86-36 


allegations of voucher fraud against a GG-ia l f We substantiated that 

the employee: i) intentionally falsified her timesheets, for a total shortfall to the 
Government of 360.50 hours (approximately $15,580); 2) intentionally falsified a 
Government travel voucher, charging the Government $1,001.40 for expenses in Hawaii 
when the trip was essentially a personal vacation; and 3) intentionally misused her 
Government travel charge card. The United States Attomey* s Office, District of Maryland, 
declined prosecution in favor of administrative discipline. 

(U) Management Action. The OIG Report of Investigation was referred to the ■ 
ADS&CI, for possible seciuity clearance action; to NSA Employee Relations for 
administrative discipline; and to the NSA Office of Finance for initiation of a restitution 
action. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Fraud and Misuse) 

(U) Government Credit Card Misuse; NSA/CSS IG; IV-07-0035; 17 September 2007 

(U/yFOUO) Summary. The NSA OIG substantiated an allegation that a former 
military assignee at NSA (now a contractor assigned to an NSA contract) knowingly 
misused his Government-issued travel charge card by charging over $23,000 in personal 
expenses to the card, including a $21,700 charge for on-line foreign currency trading, 
$1,403.50 for cash advances and $54.00 for cinema tickets. The former assignee failed to 
pay a balance of $14,262.95 on the card prior to leaving Government service. The OIG 
verified that the former assignee is personally responsible for this debt, and therefore there 
is no potential pecuniary loss to the Government. The United States Attorney's Office, 
District of Maryland, declined prosecution in favor of administrative discipline. 

(U) Management Action. The NSA OIG’s Report of Investigation in this matter 
was referred to the ADS&CI for possible security clearance action. 

(U) Overall Report Classification. UNCLASS1FIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Misuse of Resources) 


(U) Misuse of Agency Software; NSA/CSS IG; IV-07-0019; 23 July 2007 

(U//FOUO) Summary. The NSA OIG substantiated an allegation that a GG-14 
employee removed unused, unclassified Government-owned Commercial-Off-the-Shelf 
(COTS) software from Agency spaces, without authorization, and then installed the 
software on multiple personally owned computer systems. We also determined that, after 
installing the COTS software, tie employee and/or a family member activated it, rendering 
it useless to the Agency. Finally, we concluded the employee failed to fully and truthfully 
respond to management inquiries about the COTS software. 

(U) Management Action. The Report of Investigation in this matter was referred to 
the ADS&CI for possible security clearance action, and to NSA Employee Relations for 
administrative discipline. We also referred the matter to the Agency’s Office of Finance for 
initiation of a restitution action. 
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(U) Overall Report Classification. UNCLASSIFIED//FOROFnCIALUSE ONLY 
(U) Category. Other (Misuse of Resources) 

(U) Misuse of NSA Computer Networks; NSA/CSS IG; IV-07-0024: 

10 September 2007 

• 

(U //rOUO) Summary. The NSA OIG substantiated an pUegation that a GG-13 Skills 
Community Director misused Government resources for.private gain. Our investigation 
determi ned that the employee used the classified y td'uhclassified computer networks to 
facilitate ! I 

(U) Management Action. The matter was referred to NSA Employee Relations for 
administrative discipline. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category. Other (Misuse of Resources) 


(U) Misuse of NSA Unclassified Computer Network; NSA/CSS IG; Various Control 
Numbers; 1 April 2007 to 30 September 2007 

(U) Summary. During the past six months, the NSA OIG substantiated a total of 33 
allegations that NSA affiliates misused Government resources by accessing adult-oriented 
material on the Agency’s unclassified computer network. The 33 cases break down as 
follows: 18 contractor matters, 8 military assignee matters and 7 civilian matters. 

(U) Management Action. Consequences for contractor employees ranged from 
company reprimand to dismissal from employment. Mditaiy assignee cases were referred 
to the appropriate service for military discipline. Civilian cases were referred to NSA 
Employee Relations for administrative discipline. All matters were referred to ADS&Cl for 
possible security clearance action. 

(U) Overall Report Classification. UNCLASSinED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Misuse of Resources) 


(U) Child Pornography; NSA/CSS IG; CO-07-0279; 5 March 2007 

(U/yrOUO) summary. Th e NSA OIG supported an FBI investigation into an 
NSA/CSS GG-15 civilian employeel 


The FBI’s investigation was part orjt'roject 8ate cniicinooa, a nabonwiae mmauve aesigned 
to protect children from online exploitation and abuse. An FBI search of the civilian’s 
Maryland residence and analy sis of bis home computer revealed that he used his home 
computer to recei ve more than | H mages of child p omoCT aphy from the Internet. O n 
I Ih e was sentenced m Fjederal court t( j ( years in prison followed b yj | 

years of supervise release for receiptot child pornography. He was also order^ ter register 

as a sex offender. * * . *. • ■ . • * * 

! . • ’ 

(U) Management Action. TJie eniployee is no longer eipployed at the Agency and 
does not hold a security clearance. * *. / 


(b) (6) 
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(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Child Pornography) 

(U) Misrepresentation of Academic Credentials; NSA/CSS IG; IV*07-0003 
(8 August 2007); IV-07-0009 (30 April 2007); IV-07-0025 (8 August 2007) 

(U) Summary. A Federal law enforcement Agenqr provided the NSA OIG with a list 
of individuals who obtained bogus degrees from diploma mills. Through a data 
interrogation process, we were able to determine that the list contained the names of three 
NSA civilian employees. We determined that each employee paid a fee for a bogus degree 
and represented that degree to the Agency as legitimate. We also determined that the 
employees provided the Agency with academic transcripts setting forth courses they did not 
actually take and grades they did not actually receive. In each case, we concluded the 
employees either knew or reasonably should have known their degrees were illegitimate, 
and that they intentionally misrepresented their credentials and qualifications to die NSA. 

(U) Management Action. The OIG’s Reports of Investigation were referred to the 
ADSScCI for possible security clearance action; to NSA Employee Relations for 
administrative discipline; and to NSA Human Resources for any necessary grade and pay 
adjustments. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Misrepresentation) 

(U) Hostile Work Environment; NSA/CSS IG; IV-07-0027; 6 June 2007 

(UZ/FOUO) Summary. The OIG substantiated an allegation that a GG-15 manager at 
an Agency field site created a hostile work environment for one of the military assignees. 
Our investigation determined that the GG-is’s performance frustrations with the military 
assignee caused him to make statements and gestures toward the military member that 
were abusive in nature. We concluded that the GG-15 violated applicable NSA Policy by 
using intimidating language and gestures, and failing to exercise courte^ and respect in 
dealing with a coworker. 

(U) Management Action. The OIG Report of Investigation in this matter was 
referred to NSA Employee Relations for administrative discipline. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Hostile Work Environment) 

(U) Time and Attendance Fraud; NSA/CSS IG; IV-07-0011; 05 May 2007 

(U M~OUO) Summary. The OIG substantiated an allegation that, between 
1 February 2006 and 19 January 2007, a GG-13 Facilities Project Manager intentionally 
submitted false and inaccurate timesheets, for a total shortfall to the Govenunent of 
646 hours (approximately $28,824). The employee asserted that he regularly conducted 
NSA business from inside his car in the NSA parking lot (outside the NSA CONFIRM 
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system), becausej | Our investigation 

determined this explanation was implausible. The Umted States Attorney’s Office, District 
of Maryland, declined prosecution in favor of administrative discipline. 

(U) Management Action. The OIG Report of Investigation was referred to the 
ADS&CI for possible security clearance action; to NSA Employee Relations for 
administrative discipline; and to the NSA Office of Finance for initiation of a restitution 
action. 


(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category. Other (Time and Attendance) 



(U) Management Action. Responsible contractor made restitution in accordance 
with OIG findings. ‘ 


(U) Overall Report Classification. TOP SECRET//RELTO USA, AUS, CAN, GBR, 

NZL 

(U) Category. Other (Financial Accountability) . —- 

(b) (3)- 
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(U) 


NSA/CSS OIG ACTIVITIES RELATED TO 
COUNTERTERRORISM 


(t)(1) 

(b) (3)-50 use 3024 (i) 
(b)(3)-P.L. 86-36 


(U) Inspection of the Geospatial Exploitation Office; NSA/CSS IG; iN-b6-0005 

(C// nCL TO UOA, r¥6 ¥) Background. The Geospatial’Exploitation Office (GEO) 
began operations I ♦ • * 


[ The primary objectives of the inspection were to 
assess GEO’s mission effectiveness, GEO’s ability to satisfy requirements and information 
needs levied on the organization, and GEO mission management. Prior to publication of 
the draft report, the SIGINT Directorate’s Deputy Director for Analysis and Production 

realigned the S2 organization. The realignmen t resulted in I _ 

1 Several findings and recommendations were • 
identitied In the tiralt mspection report that apply to. the GEO mission as a whole and not 
the GEO organization in particular. Depending on the outcome of the draft report review 
process, these mission topics may need to be addressed at the Sif) level. 

* • . _ • 

(b) (3)-P.L. 86-36| 

(U) Special Studies of Counterterrorism Programs; NSA/CSS IG 


(U//FOUO) Background. In January 2007, all Counterterrorism programs 
previously operated rmder Presidential authority began operating under the authority of 
Foreign Intelligence Surveillance Court orders. For these new orders, the OIG performed 
reviews in accordance with their terms, which specified that an initial review would be done 
to ensure that minimization procedures were adequate. The FISC orders imposed strict 
time limits, but when possible, these reviews included testing. The OIG completed two such 
reviews in the past six months. In addition, we published a report on a speciid inquiry 
performed to answer concerns raised about activities tmder one of the FISC orders. 


(U) Assistance to ODNI IG for the Terrorist Watchlist Project; NSA/CSS IG; 

JT-07-0006 

(U) Background. The Terrorist Screening Center (TSC) maintains a consolidated 
terrorism watchlist that is populated by information from the National Counterterrorism 
Center (NCTC) and the Federal Bureau of Investigation (FBI). Agencies that possess or 
acquire terrorism and coimterterrorism information, with the exception of purely domestic 
counterterrorism information, are required by Executive Order 13354 to promptly give 
access to such information to the NCTC. The NCTC provides a subset of that information to 
the TSC for inclusion on the consolidated watchlist. The Intelligence Communify 
Inspectors General (ICIG) Forum agreed to coordinate a review of the processes for 
nominating individuals to the consolidated terrorist watchlist. The Offices of the Inspector 
General of the Office of the Director for National Intelligence (ODNI), Central Intelligence 
Agency (CIA), Department of Justice (DOJ), Defense Intelligence Agency (DIA), National 
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Security Agency (NSA), National Geospatial-Intelligence Agency (NGA), Department of 
State (Sate), Department of Homeland Security (DHS), Department of Energy, and 
Department of Treasury (Treasury) are participating in the joint review. While other IC 
agencies performed internal reviews wi thin their respective agencies, ODNI and NSA 
inspectors jointly reviewed NSA's participation in the watchlisting nomination process. The 
joint inspection team focused on the provision of terrorist-related SIGINT information to 
the NCTC for Ae purpose of watchlisting. Cross-commimity findings and observations from 
the individual agency reports wUl be incorporated in the overall IC IG report. 
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(U) SEMIANNUAL REPORT TO THE CONGRESS 

(U) For the Period April 1, 2008 through September 30, 2008 

(U) Assessment of Management Controls to Implement the Protect America Act of 
2007; NSA/CSS IG; ST-08-0001; 3 April 2008 

(U// fOUO) Summary. NS A has implemented procedures to comply with the provisions 
with the Protect America Act of 2007 (PAA), which modified the Foreign Intelligence Surveillance 
Act (FISA) and was signed into law on 5 August 2007. To protect the privacy rights of U.S. 
persons, the new legislation required NSA to implement and follow procedures established by the 
Director, NSA, to ensure its adherence to three requirements: that targets are located overseas, that 
the foreign intelligence purpose is significant, and that personnel follow applicable minimization 
procedures. Our findings included: 1) NSA immediately implemented DIRNSA-directed procedures 
on compliance with PAA and strong controls to determine that targets are located outside of the U.S; 
2) PAA tasking needs additional controls, in particular to verify that only authorized selectors are on 
collection and that the information acquired relates to the foreign intelligence target; and 3) more 
rigorous controls will increase the reliability of spot checks for PAA compliance. 

(U) Management Action. Management concurred with the recommendations. 

(U) Overall Report Classification. TOP SECRET//COMINT//NOFORN 
(U) Category. Significantly Improve Intelligence Capabilities 


(U) NSA/CSS Hawaii; NSA/CSS IG; AFISRA IG; INSCOM IG, NNWC IG; INSCOM; 

JT-08-0001; 23 April 2008 

(UATOUO) Summary. The IG organizations of the Air Force Intelligence, Surveillance, 
and Reconnaissance Agency; Naval Network Warfare Command; Intelligence and Security 
Command; and NSA conducted the inspection at Kunia, Hawaii, in January and February 
2008. The transformation challenges identified during the inspection of mission operations at 
NSA/CSS Hawaii (NSAH) are a microcosm of those facing the Extended Enterprise: the 
requirement to maintain legacy capabilities on critical enduring target sets and, at the same 
tim e, develop a workforce that can take on the challenges of the networked world. We fo und 

tha^ 


__^___ With the completion of the 

new NSAH building years away, the likelihood that personnel will have to remain in the tunnel 
past FY13 has emerged. An engineering and safety study of the tunnel has revealed several 
health arid safety problems that must be addressed in the near term. Funding for these repairs 
must b*e identified as well. Finally, the inspection team identified fourteen commendable 
achievements across all eleiuents of NSAH, reflecting solid leadership at all levels. 


(b) (3)-P.L. 86-36 


Derived From: NSA/CSSM 1-52 
Dated: 20070108 
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Declassify On: ^ 320108 

(U) Management Action. Management concurred with the recommendations and is 

taking corrective action. 

(U) Overall Report Classification. TOP SECRET//COMINT//REL TO USA, FVEY 
(U) Category. Joint Warfighting and Readiness 

(U) Official Representation and Confidential Military Funds; NSA/CSS IG; AU-08-0017; 

23 April 2008 

(U/ /FOUO) Summary. We conducted this audit to determine whether Official 
Representation and Confidential Military Funds are managed consistent with laws and 
regulations and to follow-up on our previous audit recommendations. We found that NSA 
organizations, such as the Internal Review Group and Operations Risk Management, have 
conducted adequate internal-control reviews of the Official Representation and Confidential 
Military Funds. Therefore, we discontinued our audit. We will periodically review the 
Internal Review Group’s accounting practices to ensure that adequate oversight continues. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Financial Management 

(U) Advisory Report on NSA/CSS Extended Hours Operations; NSA/CSS IG; ST-08- 

0003; 30 May 2008 

(U//FOUO) Summary. Extended-hours areas include watch/operation centers, 
production areas, and support offices. We reviewed the consolidation achieved and efforts 
currently underway by the National Security Operations Center, Signals Intelligence 
Directorate, Technology Directorate, Information Assurance Directorate, and other Agency 
organizations. Our special study found that over the past 12-18 months significant progress in 
reducing and consolidating extended- hours organizations has been achieved. An interview of 
the Director of Installations and Logistics and the Special Executive for Power, Space, and 
Cooling revealed that recent consolidation efforts have produced available space for other uses 
and that extended-hours operations areas have minimal effect on power consumption. We also 
found that there is no single authority for establishing extended-hours operations, nor is there 
official policy or guidance for setting up or maintaining extended-hours areas or functions. 
Finally, NSAW does not maintain a consolidated list of extended-hours operations areas. 

(U) Overall Report Classification. TOP SECRET//COMINT//REL TO USA, AUS, CAN, 

GBR, NZL 

(U) Category. Joint Warfighting and Readiness 

(U) NSA/CSS Colorado; NSA/CSS IG; AFISRA IG; INSCOM IG; JT-08-0002; 

18 June 2008 

(U//F0UO) Summary. The IG organizations of the Air Force Intelligence, Surveillance, 
and Reconnaissance Agency; Intelligence and Security Command; and NSA conducted the 
inspection at NSA/CSS Colorado (NSAC). This was the first inspection of NSAC. The 
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inspectors found that confusion surrounding the NSAC mission, functional realignment, 
and implementation timing has created dissention and distrust that has diverted mid- and 


1 

■ 

• 

• 


[_ 

1 Finally, the inspection team identified three commendable achievements . 


* • " 

(U) Management Action. MSnagegient concurred with the recommendations and is 

* • • 
taking correttive.^ction. 

(U) Overall Report Classifications. SECRET//COMiNT//TALENT KEYH.OLE//REL 

TO USA, FVEY * * * • . . • 

(U) Category. Joint Warfighting and Readiness 


(b) (3)-P.L. 86-36 


(U)[ 


NSA/CSS 


■ . • •.*/♦• •'♦V^TClbseout 




n 


. 1 * 

.V 

V 


(U/ /FOUQ) Summary. In May 2p02, tHe’Directorj, NSA notrfiedYhe Assistant Secretan^ *. 

of Defense, Command Contr.ol, ■Communications ^ndIntelligeHce« that theT*^ / ! ' tt 


i! 


I Our audit found that; overall, the Microelectronics Solutions organization ^ 


has made little progress in the cloSeout of | . ♦ 

^ ^ ^ ^ ^ Ji ^ __-Xl.__ •l-l- TX _ TV _TVTn A 


J. 


in accordance with applicable DoD and NSA/CSSa^egulations. esnedallv in regard to the a 


[ 


h as done little to prepare thej >^fbuilding for reiitilization nr ta rpHnrp ift / 

consumption. This failure to act persisty even though the|^ ^ 

operations ended] ♦ • . ♦ > nd Micro electroni 


J 


_ to prepare for the shutdown 

has spent more than fon this effort and. 


Micro electronics SoliHions m^nagemeft t has had 

[ the Agency 


7 


] 


(U//FOUO) Management Action. Management concurred with 6 ur recommendations, 
but advised us that power consumption was not a priority .for the | ( closure. Because of the 

Microelectronics Solutions management's inability to md ke any progress in the shutdown of 
I f we made a recommendation to the 

Information Assurance Director to restructure Microelectronics Solutions management that is 

responsible for the delay. 

(U) Overall Report Classification. TOP SECRET//COMINT//NOFORN 
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(U) Category. Joint Warfighting and Readiness 


(b)(3)-P.L. 86-36 


(U) NSA’s Top Secret /Special Compartmented Information Public Key Management 
I Infrastructure; NSA/CSS IG; AU-08-0001; 27 June 2008 


I . (U//f''OUO) Summary. NSA Public Key Infrastructure (PKI) protects NSA 

\ communicaltions and networks by providing authentication of users, encryption, and digital 
signing. NSA PM ensures that security restrictions on classified data and information are 
■■ maintained when information is e-mailed or published on web pages. Our audit found that. 



• (U) Management Action. During the audit*, the Chief Information Security Officer 

. initiated actions to address the noted conditions. 

♦ 

(U) Overall Report Classification. TOP SECR^T//COMINT//NOFORN 

♦ 

. (U) Category. Joint Warfighting and'R^adiness 

• ♦ 

♦ 

■ (U) Nuclear Weapons Personnel Reliability Program; NSA/CSSJG; AU-08-0006; 

7 July 2008 

■ ♦ 

■_(UZ/FOIIO) Summary. One of the Agency's most important missions is 


I ___JThe 

purpose of the Nuclear Weapons Personnel Reliability Program (NWPRP) is to ensure that 
everyone who performs these duties meets the highest standards of reliability, including 
physical, psychological, and technical competence. The NSA/CSS Office of Inspector General, 
which is responsible for DoD oversight, has conducted periodic audits of the NWPRP since 
2001. Our most recent audit found that the NWPRP has significantly improved the security, 
medical, and program management controls since our initial review in 2001. The program has 
established a systemic process to ensure and document that individuals accepted into the 
program meet, and continue to meet, DoD reliability standards. NSA policy requires that 
NWPRP employees be randomly drug tested at a higher rate than the rest of the Agency 
population. However, flaws in the selection methodology prevent the program from meeting 

its stated goals. 

(U) Management Action. Management concurred with all recommendations and 
corrective actions are underway. 

(U) Overall Report Classification. CONFIDENTIAL//REL TO USA, FVEY 
(U) Category. Joint Warfighting and Readiness 

(U) RT-10 Initiative; NSA/CSS IG; AU-07-0016; 11 July 2008 
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(b)(3)-P.L. 86-36 


* • ♦ ♦ 
^ ♦ ♦ 


' - ( S /ZREL) Summary. To improve SIGINT support for th£;Joirtt Intelligence Operations / 
Capability in Iraq, NSA developed a system called RT-10,*J, • . * / . •; | •• 


♦ • * »* I We*performed this*au‘djt in response to an 

allegation that RT-10 had been developed v^ithoutthe progranjinatic'ovCTSight that NSA and.' 
DoD regulations require. ♦We foun^ this atlegatiom . » *• | 


I 


I l essentjalTor an ongoing war. The Agency has recently made progress in 

est ablishing programf racture for, RT-10, an effort th at should he ' reinforiced as the system is 
I f our audit concluded that, since !' I the RT-10 program has 

operated without the ove.rsight and documentation necessary to hold the Program Office 
accou ntable for cost, schedule, and performance* With DoD support, die program was 
expandec ^ [ although a Capability Production Docum ent, the formal req uirements 

specification, was not sent to DoD for validation until [ 

(U) Management Action. Management concurred with the recommendations. 

(U) Overall Report Classification. ^OP SECRET//COMINT-ECI RDV//NOFORN 

♦ 

(U) Category. Joint Warfighting and Readiness 
♦ 

(U) l ( on the Agency’s Unclassified Network; NSA/CSSIG; 

AU-08-0005B; 14 July 2008 

(S//REtr) Summary. In its current state, the Technology Directorate (TDl-develoned 



(b) (1) 

(b)(3)-P.L 


86-36 


(U) Management Action. The TD concurred with our recommendations, and the Signals 
Intelligence Directorate and NSA/CSS Threat Operations Center agreed to assist TD in the 
process. TD has started to take corrective actions. 

(U) Overall Report Classifications. TOP SECRET//COMINT//NOFORN 

(U) Category. Joint Warfighting and Readiness 

(U) Compliance with the Federal Information Security Management Act at NSA/CSS; 

NSA/CSS IG; AU-08-0012; 31 July 2008 

(U/ /FOUO) Summary. Our FY 2008 audit on compliance with the Federal Information 
Security Management Act found that, after another FISMA reporting cycle, the Agency has 
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made some improvements to the security of its systems and networks. 
Information Technology (IT) security personnel are becoming more effective in 

[into major Agenc> 

iatives. For examnlel 


• [ However, much more work must 

b&done to correct the material weakness reported in August 2006 regarding IT security for 
•.systems within NSA’s control. Weaknesses that have not been fully mitigated include: 


f .* ; (U) Maaagement Action. Management concurred with the recommendations and 

♦ * • . corrective actions are underway. 

- Overall Report Classifications. TOP SECRET//COMINT//NOFORN 

(b)(3)-P.L. 86-36 

_. (U) Category. Information Security and Privacy 

;;; .... 

; (U/?Ir<^JJO^Advi^6iy*'Rfeport.Qfli.thel | 

r. \\ i NSA/CSS IG; V':: ♦.., I 

(S//RELJ) Summ’ary. To a'chieve its* stated goal ofj |NSA has 

•.‘ . implemented a^eries *^f initiatives called Transformation 3.0. One initiative! 


• . . * *•- I adv isory review fo cused on the 

Intelligence OvjersigHt (i( ^) and'internal controls implemented by| (developers. 

Our review concluded that * ♦ * ."[ developers are properly applying Signals Intelligence 

(SIGINT) rules to SIGIOT activities and Information Assurance (lA) rules to lA-relevant 
activities and are implementing appropriat e IQ controls. However, not all lO controls have 
been documeid ed or im plemented bec ause ] [ is not yet fully operational under 

I Because l supports a new mission for NSA| and the risk is high if 

safeguards are not incorporated into procedures to ensure protection of U.S. persons 
information, an lO review of control mechanisms may be warranted when] 

becomes fully operational. 

(U) Overall Report Classifications. TOP SECRET//COMINT//REL TO USA, FVEY 

4 

(U) Category. Signiflcantly Improve Intelligence Capabilities 

4 

(u j j proiect; NSA/CSS IG; ] 

Summary. Our audit found that! I which provides 


Nummary. Our audit tound thall_ _(which provides 

ransformation 3.0 

programs, is not ade quately funded. Witho ut adequate funding, critical components of the 
• "[program w ill fad .J j is included in a set of projects called 

l.♦SiJlce the project began! Idevel 


wiiuiJiiiMrai! 
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(b) (1) 

(b)(3)-P.L. 86-36 



(U) Management Action. Management agreed with ou r recom mendations to improve 
the requirements and budget processes for th ej | proiects. | 

(U) Overall Report Classifications. TOP SECRET/ZCOMINT/ZNOFORN 

♦ " 

(U) Category. Significantly Improve Intelligence Capabilities 

♦ 

* 

(U) Agency’s System Security Plans; NSAZCSS IG; AU-08-0005A; 8 September 2008 

♦ 

( S ZZREL) Summary. Since 2002, the Ag ency OIG has reported that deficieircies in the 


Agency’s System Security Plans (SSP) Progra jtfj • ~\ 

I ♦ Contributing factors include a lack of Agency 

. requirements, standards, and resoyrces. Our au dit found that, although currently 
i mplementing initiatives to improve th^ SSP Program,} . [ 



(b)(3)-P.L. 86-36 


the Information Security Ofllce did not establish a baseline level of 

.' ♦ • evidence for all accreditation decisions. 

• • 

% ♦ 

(tI)*Management Action. The Technology Directorate concurred with our 
* ’ recommendations and has started to take corrective actions. 

(U) Overall Report Classifications. TOP SECRETZZCOMINTZZNOFORN 

(U) Category. Information Security and Privacy 


; * • . , 

(U) liplization of Time* ami*M§terial (T&M) Contracts; NSAZCSS IG; AU-07-0006; 

16 September 2008 

* ♦ * * • . 

(UZ/ FOUO) *Summary. We performed this audit aS part of the Agency OIG’s contract 
fraud initiative to determine whether controls are adequate for contractpr oversight. Since 
2005, NSA has collected^or is in the process of collecting more than $1 milli'oh in c ontrac tor 
mischarging on service con tracts, includ ing T&M. Today the Agency has more than l ( t&M 
contracts valued at about ^~ I Our audit found that the Agency does not routinely 

perform the extensive oversight needed for T&M contracts, in spite of recent substantiated 
mischarging. Our review of| Icontract actions confirmed this appraisal, especially in regard 
to certifying contractor invoices and validating contractor education and experience. The 
underlying cause of the contracting problems has been long-term understafiing of the 
Contracting Group. A recently approved FY2008 staffing increase to Acquisition should 
improve the Group’s ability to work with Agency organizations to avoid T&M contracts and 

provide necessary oversight. 
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(U// POUO ) Management Action. The Director, Business Management Integration 
(BMI), has not provided comments to Recommendation 2 that Acquisition develop a plan to 
convert long-term T&M contracts to fixed-price contracts (including performance-based). We 
have again asked the BMI Director to respond to this report. The Contracting Group has 
taken or started to take corrective actions in response to our other recommendations. The 
Technology Directorate (TD) concurred with our recommendations, and the Signals 
Intelligence Directorate and NSA/CSS Threat Operations Center agreed to assist TD in the 
process. TD has started to take corrective actions. 

(U) Overall Report Classifications. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category. Acquisition Processes and Contract Management 

(U) Joint Duty Assignment Program - Civilian; NSA/CSS IG; ST-08-0020; 

29 September 2008 

(U/ ffOUO ) Summary. Our special study on NSA’s implementation of the Joint Duty 
Assignment (JDA) Program found that NSA is implementing the JDA program as effectively 
as possible given the evolving state of the JDA program within the Intelligence Community. 
DoD implementing guidance was issued on 2 June 2008; NSA's implementing guidance is 
currently in draft and is expected to be published shortly. However, we did identify the 
following concerns that may impede the JDA program: 1) The requirement to keep an 
individual on the losing organization's billet for the duration of the JDA tour, which may 
result in denial of the assignment, is a contentious issue; 2) JDA vacancies are not attracting 
candidates; and 3) JDA credit and waiver decisions are delayed awaiting policy and guidance. 

(U// FOUO) Management Action. The Associate Directorate for Human Resource 

Services concurred with the report, with minor administrative changes. 

(U) Overall Report Classifications. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Human Capital 


(U) China and Korea Missions; NSA/CSS IG; IN-08-0001; 30 September 2008 


^S//REL) Summary. Our inspection of the China and Korea Production Center found 
that, with few exceptions, mission delegation and execution are working well, internal and 
external partnerships are positi ve and productive, and customer satisfaction is high. However, 
the following concerns surfaced:] 


(b) (1) 

(b)(3)-P.L. 86-36 


(U//F pt)O i) Management Action. Management concurred with the recommendation and 

is taking corrective action. 

(U) Overall Report Classifications. TOP SECRET//COMINT//NOFORN 
(U) Category. Joint War fighting and Readiness 
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(b) (6) 




(U) Time & Attendance Fraud; NSA/CSS IG; IV-O7-O0i9' 

• * * *.** * 

(UA TOU Q) Summary. The OIG substantiated an j^llegation thaf,* netween March 2006 
and March 2007, a GG-13 NSA employee intentionally subjnit te*d false and irf a^curate 
timesheets for a total shortfall to the government of 786 hpufs.* On | [ the employee 

1 • ^ ^ ^ ^ ^ _ 1 ^ * 1 _ _ 1* nn •- -- — - -- 



ordered the employee to pay the government restitution in the amount of [ 


(U) Management Action. The employee resigned from the Agency in lieu of termination. 
In view of the criminal conviction, the matter was referred to the Associate Directorate for 
Security and Counterintelligence for security clearance action. 

(U) Overall Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Time and Attendance) 


(U) Procurement Fraud Initiative; NSA/CSS IG; Various Control Numbers; 

1 April 2008 to 30 September 2008. 

(UAi^OUO) Summary. In October 2007, we launched an initiative to identify fraudulent 
billings by NSA/CSS contractors. This initiative involves the interrogation of contractor access 
data, coordination with company compliance officials, analysis of billing records, and the 

investigation of access and billing anomalies. 

(UA HFOUO) After twelve months, our initiative has produced significant results. To 
date, we have identified several hundred potential mischarging matters and completed more 
than 40 mischarging investigations. These investigations have revealed more than 9,000 hours 
charged by contractors for fraudulent billings or out-of-scope work. Recoveries for these 
hours will exceed $1.2 million. In most of the instances where fraud has been substantiatied, 
the company has terminated the offending employee. Some examples include: 

(U//P0U0tIV-O7-OO55. A subcontractor employee fraudulently billed the government 
298 hours (approximately $56,000) for non-work activities. The company reimbursed the 

government the full amount. 

(U/ /FQUO) IV-07-0042. A subcontractor employee fraudulently billed 374 hours 
(approximately $39,000) for time spent at lunch. The company reimbursed the government 

for the full amount. 

(U/ /FOUO ) IV-08-0006. A contractor employee fraudulently billed 910 hours 
(approximately $68,000). The employee admitted to billing the government for time spent 

taking college courses. 

(U/ /FOUQ ) IV-08-0014. A subcontractor employee admitted to billing 582 hours 
(approximately $98,000) for contract work performed at home, which was specifically 
prohibited under the contract terms. The contractor has offered $250,000 to settle all claims 
for out-of-scope work performed by its employees on that contract. 

(U//POUO) IV-08-0043. A contractor employee fraudulently billed 751 hours 
(approximately $82,000) for time spent taking care of personal matters during the workday. 
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The employee admitted to billing the government for personal matters. 

(U) Special Inquiry: Employee Concerns - Yakima Research Station (YRS), WA; 
NSA/CSS IG; ST-08-0023; September 2008 

(U// FOUO) Summary. A spate of complaints from Yakima Research Stations (YRS) 
employees concerning work relationships prompted a quick reaction special study by the OIG. 
The study found that portions of the relatively small YRS workforce had become factionalized 
harming work relationships and creating discord. The new Chief of Station, YRS, who arrived 
only weeks prior to the OIG visit, has since restructured the site leadership team. This change 
appears to have substantially improved the situation. Additional recommendations regarding 
promotion administration and training for a specific work center were provided to the new 

Chief of Station. 

(U) Overall Report Classification. SECRET//COMINT 
(U) Category. Other (Intelligence Support/Standards of Conduct) 

(U) OIG-Directed Management Inquiry: Hostile Work Environment Allegations - 
NSA/CSS Texas; NSA/CSS IG; CO-08-0635; August 2008 

(U//f QUO - ) Summary. The OIG tasked the NSA/CSS Texas command to conduct a 
management inquiry into actions by a mid-level manager who had been accused by several 
subordinates of hostile and abusive treatment. The management inquiry substantiated several 
instances during which the manager used abusive or profane language. The report has been 
forwarded to the NSA Office of Employee Relations for appropriate action. 

(U) Overall Report Classification. U//FOUO 

(U) Category. Other (Intelligence Support/Standards of Conduct) 

(U) Misuse of Government Resources; NSA/CSS IG; CO-08-0384, CO-08-0403, CO-08-0453, 
CO-08-0454, CO-08-0455, CO-08-0517, CO-08-0525, CO-08-0526, CO-08-0563, CO-08-0673. 
CO-08-0674, CO-08-0723, CO-08-0724, CO-08-0771, CO-08-0791, 1 April 2008 to 
24 September 2008. 

(U// FOUQ ^ Summary. The OIG substantiated 15 allegations of NSA affiliates’ misuse of 
government resources (e.g., accessing adult-oriented material through the Agency’s unclassified 
Internet network). 

(U) Management Action. Subjects in these cases were civilian employees, military 
affiliates, and NSA contractor employees. Discipline ranged from a letter of warning to reduction in 
grade. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category. Other (Computer Misuse) 
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(U) NSA/CSS OIG ACTIVITIES RELATED TO 


COUNTERTERRORISM 


(U/ /rOU 0^ Advisory Report on Decompartmentation Plans for Counterterrorism 
Special Programs; NSA/CSS IG; ST-08-0018; 30 June 2008 

(U/ /FQUO) Summary. Our advisory report found that the Program Management 
Office (PMO) was diligent and thorough in assessing the scope and complexity of removing 
data from the compartmented program while ensuring compliance with laws, regulations, and 
other mandates. The content, communication, and assignment of supporting plans were 
adequate to provide reasonable assurance of compliance and successful implementation. 
Although a solid foundation of planning was in place, supporting plans need fine tuning. We 
made no formal recommendations;however, management should consider the need for more 
detailed written plans and firm milestones in the areas of document preservation, reporting, 
and debriefing. Most importantly, because the Program Management Office has formally 
disbanded, former PMO members and NSA leadership must rigorously monitor remaining 
actions to ensure that the decompartmentation is successful. 

(U) Overall Report Classification. TOP SECRET//COMINT//NO FORN 
(U) Category. Joint Warfighting and Readiness 


(b) (3)-P.L. 86-36 


(U) 




NSA/Ci5'Sl(:J:[ 


- 

♦ ♦♦ . 


• * * •w * ♦ * 

^0//RCL) Su mmary. Th ^ objertiYes-of this inquiry were to identify^kutlrorities for the 
handling of data in| ]qnd*tO ‘determine if policies and proc^durjiS are in place and- 


loiiowea 10 ensure compliance wiin inose auinonties. we aisnre^ 
practices for llnformation Systems. Our special study .found 

ae,\yea system security, 
rtat overall the Associate 
Its compliant with NSA’s 

Directorate for Security and Counterintelligence (ADS&CI)1 

authorities. 1 

. 

■ ♦ ♦ 

. ■ « 

■ RPSifcCI obtained required approvals foH 

[ T~1 !“ 

^ I^rtified and accredited b'y the Technology I 

)irectorate. ADS&CI ■ 


data, and p'roviding review results to the Office of General C ounsel. A lthough ADS&Cl! 

CZ_P" 


inanagement-has established a good control envirpnftient, some]_pnforijiation systeiris 

■ improvem€iits are needed, and the T echnology Directorate must improve oversight of j I 

I [system security practices. 

(U/ /F O UQ) Management ^tion. ADS&CI management concurr ed with o ur findings 
Their planned actions, which.will further reduce the risk associated with | l operations, 

jneet the intent of our recommendations. 


4 

I 


(b) (1) 

(b) (3)-P.L. 


86-36 


(U) Overall Report Classifications. SECRET//REL TO USA, FVEY 
(U) Category. Joint Warfighting and Readiness 
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(b) (3)-50 use 3024 (i) 
(b) (3)-P.L. 86-36 




(b)(1) 

(b)(3)-P.L. 86-36 



(U) SEMIANNUAL RElfORT TO TltE CONGRESS 

• . ■ * ■* 

(U) For the Period October 1, 2006 Through March 31,2007 

m 
■ 

\ I 


_, NSA/CSS IG 

](all thre$ reports) 


(C//nEL) Summary. We visited three 


sites selected 


' on the basis of risk, location, and reported oversight issues. Our reviews assessed site 
; operations, local customer support activft i^s. and compliance wiriyntelligence oversight 
• requirements and j ~[ Based on our findings, ] i nanagement agreed 

■ to oversee and clarity local tasking procedures; clafky and enforce the requirement that all 
sites conduct emergency de struction drills: and to nroiic^e safety training' for personnel 


(U) Overall Report Classifications. TOP SECRET//COMINT (all three reports) 
(U) Category. Joint Warfighting and Readiness 


(b) (3)-P.L. 86-36 


(U) special United States Liaison Officer Canberra, Austraiia; NSA/CSS iG; 

IN-06-0008; 16 October 2006 

(U/W^0UO) Summary. Our inspection of the Special U. S. Liaison Officer Canberra 
(SUSLOC) found that he and his team are effectively representing the Director, National 
Security Agency/Chief, Central Security Service (NSA/CSS) and the Agency. They have the .' 
confidence of their cou nterparts in the Australian and New Zealand Signals Intelligence 
(SIGINT) organizations 


(U) Management Action. Management concurred with all recommendations; 
corrective actions are underway. 

(U) Overall Report Classification. TOP SECRET//COMINT//REL TO USA, AUS, 
CAN, GBR, NZL 

(U) Category. Joint Warfighting and Readiness 


Derived From: NSA/CSSM 1-52 
Dated: 20070108 
Declassify On: ^02010 8 
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(U) Data Handling Controls Over a Sensitive SIGINT Database; NSA/CSS IG; 
ST-06-0019; 17 October 2006 [(bT'o) -p-l. 

(U //FOUO) Summary. The NSA/CSS Office pf the Inspettbf General (NSA OIG) 
conducted a special st udy to fb llpwap-on'a l' ' — 

of Inspector General’s | piG) inquiry on a data handling incident. The incident 


(U) Management Action. Management concurred with our findings and agreed to 
take corrective action. 


(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 


(U) Category.' Joint Warfighting and Readiness 


(U) Information Warfare Support Center; NSA/CSS IG; IN-06-0001:19 October 2006 

(U//FOUO) Summary. The Information Warfare Support Center (IWSC) brokers 
the SIGINT aspects of the information operations ( 10 ) needs of the combatant commands 
with NSA/CSS and other Department of Defense, Intelligence Community, and government 
organizations. Our inspection found that, while IWSC customers are generally 
complimentary about the support they receive, many are confused by the emergence and 
continuing evolution of other NSA/CSS organizations engaged in various aspects of 10 . In 
addition, loss of personnel and funding issues make it increasingly difficult for the IWSC to 
provide the level of service customers seek. The inspection determined that maintaining the 
organizational status quo is not the best course of action. We also found that: i) customer 
representatives and internal partners do not understand the IWSC’s roles and 
responsibilities and its relationship with the Joint Functional Component Command for 
Network Warfare and the NSA/CSS Threat Operations Center; 2) NSA cannot accurately 
track personnel on Joint Duty Assignment billets and; 3) the IWSC has not corrected five 
findings from a Communications Security audit in 2003, that, combined with two incidents 
in 2005, indicate a serious problem that requires urgent attention. 

(U) Management Action. Management concurred on all recommendations and is 
taking corrective action. 

(U) Overall Report Classification. TOP SECRET//COMINT//REL TO USA, AUS, 
CAN, GBR, NZL 

(U) Category. Joint Warfighting and Readiness 


dECM]r//RCL TO U9A,AU9, ODIt, mimoDwioo 
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(U) Directorate of Engineering; NSA/GSS IG; IN-06-^0011; 6 November 2006 

(0)Vn[rt) Summary. Our organizational inspection of the Directorate of Engineering 
(DE) found that, despite significant progress in recognizing that Systems Engineering (SE) 



(U) Management Action. The Director for Business Management and Integration 
and the Chief Systems Engineer are already acting on our recommendations. 

(U) Overall Report Classification. SECRET//REL TO USA, AUS, CAN, GBR, NZL 

(U) Category. Joint Warfighting and Readiness 


(U] NSA/CSS Texas; NSA/CSS IG, INSCOM IG, AIA IG, NNWC IG; JT-06-0004; 

5 December 2006 |(b)( 3 )-p.L. se-aei 


(U 7 ‘/P©UO) Summary. The IG organizations of the U.S. Army’s Intelligence'.and 
Security Command (INSCOM), Air Intelligence Agency (AIA), Naval Network Warfare 
Command (NNWC), and NSA conducted a joint inspection of NSA/CSS Texas (NSAT) in 
August 2006. The team found that NSAT is struggling to transform and grow its missions 



(U) Management Action. Management concurred with the findings of the joint 
inspection team and is taking corrective action. 


(U) Overall Report Classification. SECRET//COMINT//REL TO USA, AUS, CAN, 
GBR, NZL 


(U) Category. Joint Warfighting and Readiness 
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(U //FOUQ) Inspector General Reviews That Indicate Major Systemic Issues; 

NSA/CSS IG; ST-07-0012; 21 December2006 | (b)(3)-P.L. 86-36 | 

(U//FOUO) Summary. At the request of the Deputy Chief of Staff, the Office of*the 
Inspector General identified reviews that it completed from 2000 to the presen t that** 
indicated major systemic issues at NSA. The OIG assigned'the following [categories to .* 

these reviews:! f 


(U) Overall Report Classification. TOP SECPtET//COMINT//NOFORN 
(U) Category. Joint Warfighting and Readiness ‘^ ’ 


(b) (1) 

(b) (3) -50 use 3024 (i) 
(b)(3)-P.L. £6-36 


(U) Satellite Modernization Program; NSA/CSS IG; AU-06-0007A: 21 December 2006 *. 

Summary. An audit of j detected an issue that 


(U) Management Action. Given the competing priorities for funds within the 
Agency, the Signals Intelligence Directorate will decide, based on a new life cycle cost 
estimate, whether to pursue different alternatives for this important modernization 
program. 

(U) Overall Report Classification. TOP SECRET//COMINT//RELTO USA, AUS, 
CAN, GBR, NZL 


(U) Category. Joint Warfighting and Readiness 


(b) {3)-P.L. 86-36| 
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(b) (3) -P.L. 86-36^ 



(U) Management Action. Management concurred with all recommendations and 
corrective actions are being taken. 

(U) Overall Report Classification. SECRET//COMINT//TALENT 
KEYHOLE//REL TO USA, AUS, GBR 

(U) Category. Joint Warfighting and Readiness 


(U) NSA/CSS Georgia; NSA/CSS IG, INSCOM IG, AIA IG, NNWC IG; JT-07-0001; 

5 February 2007 

(U//rOUO) Summary. The joint inspection team conducted an inspection of 
NSA/CSS Georgia (NSAG) and found that the importance of the NSAG mission, which 
directly supports the Global War on Terror, is a great motivator for the entire workforce. 
Civilian and military leaders have forged good working relationships. Nonetheless, fissures 

are apparent, related to confusion arising from governance issues and the “pause” in_ 

resourcing Mission Build-Out. The near-term viability of some of the new miss inTis 

_ _ I should be 

reassessed in light ot the " pause," which is attectlng morale, particularly tor asgign^s sent 
to stand up new missions. 

need to work with Global Capabilities Managers at NSA, W^slungton (.NSAWJ- to clearly 
define the division of effort between NSAG and NSAW target offices. Absent formal 
guidelines on the “Run Rich” approach to hiring, we found instances where as JnqYiy as] 

people were assigned to a single billet. ’. • • / 

■ • 

■ # 

(U) Management Action. Management concurred with the findings of the joint 
inspection team and is taking corrective action. - ! 

(U) Overall Report Classification. SECRET//COMINT//REL TO USaJ AUS, CAN, 
GBR, NZL • 


(U) Category. Joint Warfighting and Readiness 


(b) (3) -P.L. 86-361' 


(U) Electronic Funds Transfer; NSA/CSS IG; Ay»06-0019;:20 February 2007 

♦ * ■ ■* 

(U//rOUO) Summary. The Agency has hot fully complied with the law fin effect 
since 1998) that requires the use of elegt rdnic fund transfer (EFT) for virtually-all 
disbursements. After the theft ol fl l U.S. Treasury checks worth about i '; t the 
NSA Comptroller launched an effort to in crease the use of EFT for accounts payable 
transactions; EFT for these payments rose | [ in April 2006 to] 

in September 2006. The Agency has achieved good compliance in two areas — payroll 
(about 99 percent) and travel (about 94 percent) of FY2006 transactions — but still falls 
short of the law’s intent, particularly in the area of accounts payable. We found two 
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principal reasons why checks are still issued for about | I transactions that, by law, 
should be pro cessed electronically: the Agency’s current financial systems are unable to 
handle l to rocesses needed for EFT and the Accounting and’Financial Services 
organization nhs ng overall process to identify and document the justification for those 

recipients who are paid'by.qbeck. 

• • ^ ♦ 

(U) Management Action/The Dirptorate of Finance concurred with two 

recommendations and is working with the! * • . TDffice to implement 

the third. \ 


(U) Overall Report Classification. TOP SECRET//C*aMlNT//NOFORN 

* • , ♦ 

(U) Category. Financial Management * • • t.,_ 


|(b)(3)-P.L. 86-36 

. • ; ^ V * 

(U) Communications Security Accountability Program; tJSA/CSl^rG* AU-06-0004:’. 

2 March 2007 ' 

. • • * * # • ^ / ' 
(U/t'POUO) Summary, The audit found thatthe Agency cannqt account for all of 
the Commun icatio ps Security (COMSEC) mgtefrial assigned to its Central Office of Recoid. 

For example, [ [ COMSEC items in the|* * [accounts we sampled were missing. This lack^f 
accountability is a direct res idt of tHe antiquated and labor-intensive process used to 
account for COMSEC iteraS. • f*. 


p s very inefficient and prone to errors..‘Moreover, when government 
(military and civilian) users reported lost COMSEC material, there was no independent ' 

investigation to determine the cause. We also found that many COMSEC audits and _' 

semiannual inventories were overdue;! T* 


(U) Management Action. Management officials agreed to act on our 
recommendations to resolve the internal control weaknesses within the COMSEC 
accounting program. 


(U) Overall Report Classification. SECRET//NOFORN 
(U) Category. Joint Warfighting and Readiness 


(U) Electrical Power Consumption at NSA; NSA/CSS IG, AU-07-0004: 6 March 2007 
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(U) Management Action. Management agreed to implement our recommendations; 

(U) Overall Report Classification. TOP SECRET//COMINT//TALENT 
KEYHOLE//NOFORN _ 

(U) Category. Other (b) (3 )-p.l. 86-36 


(U) Leased Facilities Plaoning and Fit-up; NSA/CSSIG, AU-06-0020; 16 March 2007 

(€//ftEt) Sumindry. The audit followed up on a h allegation regarding problems 
that delayed occupan cy of the new building to house the] 

I j- ■ . '■ „ ^ Problems in fitting up two leased facilities, 

including the | [ revealed serious flaws in project oversight by the Facilities Services ■ 
organization. Long delays and a ft incom plete communications infrastructur 
cost of activitie s conducted at th j I The Agency paid lease costs of about 




Most of these problems can be traced to the lack ot comprehensive project management' T 

with clear lines of authority. ! 

(U) Management Action. The Office of Facilities Services, Office of Physical .’ •* 
Security, the Information Technology Directorate, and the Information Assurance ' .* 
Directorate concurred with our recommendations and have already begun corrective action. 

(U) Overall Report Classification. SECRET//COMINT//NOFORN :/ 

(U) Category. Joint Warfighting and Readiness fTbMTl—'- 1 * 

(b) (3)-P.L. 86-36 
-^- 

(U) NSA’s Secure Cellular Phone Program; NSA/CSS IG, ST-06-0010; 

22 March 2007 

♦ 

(6//nEi) Summary. The Agency purchased over 
secure cell phones, primarily due to Congressional earmSFl lur special study found ttiat. 




(8//REL ) Management Action. LAD agreed to implement our recommendations 
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(U) Overall Report Classification. TOP SECRET//COMINT//NOFORN 
(U) Category. Joint Warfighting and Readiness 


(U) Office of the Middle East and North Africa; NSA/CSS lG:IN-06-0006; 

30 March 2007 

(U//FOUO) Summary. The Middle East & North Africa Office (MENA) produces 
Signals Intelligence (SIGINT) to satisfy information needs (INs) of combatant commands 
and other Department of Defense (DoD), Intelligence Community (IC), and government 
organizations pertaining to MENA’s targets of primary concern. Our organizational 
inspection found that MENA customers are generally complimentary about the support 
they receive, and MENA partners reported having a professional, collaborative working 
relationship with MENA Office personnel. However, MENA’s SIGINT Development 
(SIGDEV) Division is not centrally managing all MENA SIGDEV activities to optimize 
collaboration and weigh the trade-offs between day-to-day production and future target 
development. 



(U) Management Action. Management concurred with all recommendations and 
has already begun taking corrective action. 

(U) Overall Report Classification. SECRET//COMINT//REL TO USA, AUS, CAN, 

GBR, NZL 

(U) Category. Joint Warfighting and Readiness |(b) ( 3 )-p.l. se- sei 


(U) Human Resources Information Technology Modernization; NSA/CS^*IG; 
IN-06-0004; 30 March 2007 

(U //rOU0 3 Summary. Various types of human resource (HR) data*about Agency 
affiliates is scattered in directories and databases -j — throughout the 

Enterprise. This longstanding problem means that decision makers at NSA Headquarters 
cannot get all the HR information they need when they need it. The proposed solution, 








Doc ID: 6672185 
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(U) Management Action. Management concurred with all recommendations; 
however, resolution will require leadership from the highest levels of management. 

(U) Overall Report Classification. SECRET//REL TO USA, AUS, CAN, GBR, NZL 

(U) Category. Human Capital 

(U) Labor Mlscharging; NSA/CSS IG; IV-06-0059; 26 October 2006 

(U/^'TOUO)' Summary. The OIG substantiated an allegation that a contract, 
employee mischarged 105.90 labor hours while working on NSA contracts during the 2005 
- 2006 timeframe. This amounted to approximately $ 21,211 in charges falsely billed 
against NSA contracts. The contractor reimbursed NSA that amount. The employee had 
resigned from the company prior to the start of our investigation. The U.S. Attorney’s 
Office, District of Maryland, declined prosecution due to the contractor’s cooperation and 
reimbursement to NSA. 

(U) Management Action. Company made restitution in accordance with our 
findings. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Contract Fraud) 

(U) Labor Mlscharging; NSA/CSS IG; IV-06-0060; 20 November 2006 

(U//FOUO) Summary. The OIG substantiated an allegation that a contract 
employee mischarged 344-5 labor hours while working on NSA contracts during the 2005 - 
2006 timeframe. This amounted to approximately $ 50,065 in charges falsely billed against 
NSA contracts. The contractor reimbursed NSA that amount. The U.S. Attorney’s Office, 
District of Maryland, declined prosecution due to the contractor’s cooperation and 
reimbursement to NSA. 

(U) Management Action. Company made restitution in accordance with our 
findings. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Contract Fraud) 

(U) Labor Mlscharging; NS/V/CSS IG; IV'06-0061; 23 February 2007 

(U/ZPOUQ) Summary. The OIG substantiated an allegation that a contract 
employee mischarged NSA contracts during the 2005 - 2006 timeframe. This amounted to 
approximately $ 10,000 in charges falsely billed against NSA contracts. The contractor 
reimbursed NSA that amount and the employee no longer holds a clearance to work on 
Agency contracts. The U.S. Attorney’s Office, District of Maryland, declined prosecution 
due to the contractor’s cooperation and reimbursement to NSA. 

(U) Management Action. Company made restitution in accordance with our 
findings. 
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(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category. Other (Contract Fraud) 

(U) Time and Attendance Investigations; NSA/CSS IG; IV-06-0038 (13 Oct 06); 
IV-06-0040 (18 Oct 2006); IV-06-0049 (14 Mar 2007); IV-06-0055 (30 Nov 2006); 
IV-06-0063 (1 Dec 2006); IV-07-0005 (19 Mar 2007); IV-07-0006 (12 Mar 2007) 

(U //F0UO ) Summary. The OIG substantiated seven allegations of Time and 
Attendance abuse, wherein employees claimed over 3,037 hours in excess of those they were 
determined to have actually worked. In the aggregate, these cases will result in the recovery 
of approximately $ 108,300 in funds paid to employees for hours falsely claimed. 

(U//FOUO) Management Action. Administrative recoupment action will recover 
the $ 108,300 mischarged to the agency, and the responsible employees were referred for 
additional administrative disclipinary action. 

(U) Overall Report Classifications. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(all referenced investigations) 

(U) Category. Other (Fraud) 


(U) Diploma Mill Degree; NSA/CSS IG; IV-06-0053, 7 March 2007 

(U) Summary. The OIG received information that an Agency employee may have 
received his Bachelor of Arts degree from a “diploma mill.” Our investigation concluded 
that the employee deliberately misrepresented his credentials and qualifications to NSA 
when he claimed a Bachelor of Arts degree from a non-accredited institution. 

(U) Management Action. This matter was referred to NSA Employee Relations for 
disciplinary action. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Waste of Resources) 


(U) Procurement Fraud/Criminal Conflict of Interest - Felony Conviction; 

NSA/CSS IG; IV-05-0038 


(b) (6) 


, • • 

(U) Summary. As the result of a n 18 -month NSA OIQ investigation, a former GG- 
14 NSA employee within lAD pled guilty ! to a felony violatio n of the 

Federal criminal conflict of interest statute, 18 U.S.C. § 208 . p e was 

sentenced to two years probation, six months home confinenient, 50 hours community 
service, and a $ 100,000 fine (payable in 15 days). During his employment with N SA, this 
individual co-created and directed thd I 

_ \ I 

At the same time he was i an NSA employee, companies o\^ed by 

him and/or his spouse obtained ! k upport-related government contracts or subcontracts 
totaling over $ 750 , 000 . As a result of the NjSA OIG investigation, the gover nment ^ncelled \ 
as unnecessary an ongoing $ 300,000 contract ifi supjiort'ofihe 2006 I [ thereby. • 

allowing funds to be put to better use. Further, NSA determined that, in the future, similar 
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(b) (3)-P.L. 86-36 


contracted support to th q I would not be requiredj resulting in a potential cost 
avoidance to the government of $ 1.5 million over the next 5 years. NSA is currently 
pursuing the debarment of both the former employee and the companies involved. 


(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category. Acquisition Processes and Contract Management 


(U) Waste of Agency Resources; NSA/CSS IG; IV-06-0054; 1 December 2006 

(U) Summary. This investigation was conducted in response to an allegation that an 
Agency employee receive d tuition assistance of $ 22,773 fr om the Agency in furtherance of a 
Doctoral degree from the | I but never completed any of the 

necessary scholastic work for this degree. We substiantea the allegation and concluded that 
the employee caused the Government to waste eight sem^pters’ worth of tuition payments. 

(U) Management Action. This matter has been referred for administrative action 
and recoupment of the funds from the employee. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Waste of Resources) 


(b) (6) 
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(U) NSA/CSS OIG ACTIVITIES RELATED TO 
COUNTERTERRORISM 


(U) Ongoing 


(U) Inspection of SID’s Chemical, Biological, Radiological, Nuclear'-MIsslon; 

NSA/CSS IG; IN-06-0002 

t9//REL) Background. Chemical, Biological, Radiological, and Nuclear (CBRN) 

terrorism is one of the most mena cing threats to U.S. security, and from a Signals _ ’ 

Intelligence (SIGINT) perspective,! ~[ 

( work the CBRN 

target from varying perspectives. The inspection is evaluating CBRN mission performance, 
including examining the execution of CBRN as a transnational target, assessing the impact 
of Mission Build-Out, and reviewing any funding or human resource issues. 

(U) Inspection of the Geospatial Exploitation Office; NSA/CSS IG; IN-06-0005 

(U//F QU01 Background The Geospatial Exploitation Office (GEO) began 
operations ini |GEO’s 


primary objective will be to assess GEO’s mission effectiveness and their ability to ratisfy 
requirements and information needs levied on the organization. The inspection will 
determine whether the current organization’s missions and functions are being properly 
executed in an efficient and effective manner; whether missions and functions are *. 
accurately portrayed and being accomplished; establish whether missions performed*are 
appropriately placed within the product line; and will identify any impediments, which 
hinder the efficient and effective execution of their missions and functions._^_ 

(b) (3)-P.L. 86-36 

(U) Special Studies of Counterterrorism Programs; NSA/CSS IG 

(U //rOUO) Background: While the NSA Counterterrorism Special Programs were 
being conducted under Presidential authority, the OIG performed continuous audits. The 
overall objectives were to determine whether there were appropriate policies and 
procedures in place for activities under the program consistent with the terms of the 
Presidential Authorization; to evaluate their efficiency and effectiveness in mitigating any 


(b) (1) 

(b) (3)-50 use 3024 (i) 
(b)(3)-P.L. 86-36 
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high-risk activities associated with the program; and to identify any impediments to 
satisfying the requirements of the Presidential Authorization. In January 2007 , all of these 
programs began operating under the authority of Foreign Intelligence Surveillance Court 
orders. For these new orders, the OIG is performing reviews in accordance with their 
terms, which specify that an initial review will be done to ensure that minimization 
procedures are adequate. 

(U) Planned 

(U) Assistance to ODNIIG for the Terrorist Watchlist Project; NSA/CSS IG; 

JT-07-0006 

(U) Background. The Terrorist Screening Center (TSC) maintains a consolidated 
terrorism watchlist that is populated by information from the National Counterterrorism 
Center (NCTC) and the Federal Bureau of Investigation (FBI). Agencies that possess or 
acquire terrorism and counterterrorism information, with the exception of purely domestic 
counterterrorism information, are required by Executive Order 13354 to promptly give 
access to such information to the NCTC. The NCTC provides a subset of that information to 
the TSC for inclusion on the consolidated watchlist. The Intelligence Community 
Inspectors General (ICIG) Forum agreed to coordinate a review of the processes for 
nominating individuals to the consolidated terrorist watchlist. The Offices of the Inspector 
General of the Office of the Director for National Intelligence (ODNI), Central Intelligence 
Agency (CIA), Department of Justice (DOJ), Defense Intelligence Agency (DIA), National 
Security Agency (NSA), National Geospatial-Intelligence Agency (NGA), Department of 
State (State), and Department of Treasury (Treasury) will participate in the joint review. 

(U) Advisory Report Associated with Expeditionary SIGINT Deployments To 
Hostile Areas; NSA/CSS IG; ST-07-0015 

(U//rOUO) Background. During 2005 , the IG conducted research into Agency 
activities associated with Expeditionary SIGINT Deployments to hostile areas. The 
resultant report (ST- 06-0001 - Advisory Report on the Activities Associated with 
Expeditionary SIGINT Deployments to Hostile areas) surfaced issues related to the 
candidate selection process, pre-deployment operations training, and corporate resolution 
of issues raised in after-action reports. The report also emphasized the need for appropriate 
IT support. The follow-up review will: a) determine if issues raised in the earlier report 
have been adequately addressed; b) assess the effectiveness of the changes/improvements 
that have been implemented; and c) surface any new issues. 
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(U) SEMIANNUAL REPORT TO THE CONGRESS 

(U) For the Period April 1, 2006 Through September 30,2006 

(U) Office of Physical Security’s Practices Relative to Protest Activity; 

NSA/CSS IG; ST-06-0012; 28 April 2006 

(U^TODO)" Summary. An article published in The Sun on 13 January 2006 alleged 
that NSA monitored members of the Baltimore Pledge of Resistance, a peace group tied to 
the Baltimore Emergency Response Network, as they prepared to protest at Fort Meade. 
The article also alleged that NSA used law enforcement agencies to track the activists. We 
^ conducted this special study to (a) identify the NSA Police authorities relative to the 

activities of protesters on or near NSA property; (b) determine if policies and procedures 
were in place to ensure compliance witih those authorities; and (c) determine if the policies 
and procedures were followed on 3 July 2004 during protests at NSA by the Baltimore 
Pledge of Resistance peace group. We found that NSA Police were authorized, pursuant to 
Section 11 of Public Law 86 - 36 , to protect buildings, grounds, and property solely under the 
administration and control of, and used extensively by NSA. We also concluded that NSA 
police acted in accordance with applicable authorities, policies, and procedures while 
performing duties associated with the protest activity. Finally, the Agency made no attempt 
to use the Signals Intelligence system to monitor this protest activity. 

(U) Overall Report Classification. CONFIDENTIAL//REL to USA, AUS, CAN, 
GBR, NZL 

(U) Category. Homeland Defense 

(U) Time Synchronization Issue; NSA/CSS IG; ST-06-0013; 19 May 2006 

(^) Summary. One of the many challenges the Agency faces when analyzing 
complex signals is the accurate measurement and retention of time-related information. To 
accomplish its various missions, NSA must reliably affix accurate time date stamps and, 
when available, geolocation information on all collected signals. After receiving reliable 
indications that NSA’s ability to affix and retain accurate time measurement is deficient, the 
OIG announced its intention to begin a special study of this subject. In response to similar 
indications, the Director, NSA announced the creation of the Time and Frequency 
Coordination Authority (TFCA or Authority) in May 2006 . As a result, we curtailed the 
special study to give the TFCA a chance to address the deficiencies we have reason to believe 
exist. We will therefore make periodic inquiries into TFCA’s progress in the coming 
months. 

(U) Overall Report Classification. TOP SECRET//COMINT 

(U) Category. Joint Warfighting and Readiness 

Derived From: NSA/CSSM 1-52 
Dated: 20041123 
Declassify On: 2029 11 29 — 

I Approved for Release by NSA on 07-01-2019, FOIA Case # 79825 (litigation) I 
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(U) Oversight Review of Restaurant Fund, CWF, and Gift Shop; NSA/CSS IG; 

AU-06-0015: 2 June 2006 

(U//rOUO) Summary. A firm of Certified Public Accountants (CPAs) issued 
■ unqualified opinions on the reliability of the financial statements of the Agency’s 
Restaurant Fund, Civilian Welfare Fund, and the Cryptologic Museum Gift Shop. Our 
oversight review of the CPA audit found no problems in the conduct of the recent audit by 
the CPA firm but identified two concerns: high-speed internet connection and 
nonappropriated fund instrumentality (NAFI) contract. Without a connection to high¬ 
speed internet service, the NAFI’s business and accounting services will continue to be 
highly inefficient. The current NAFI contract (and all option years) for the contract with the 
CPA firm that reviews Agency NAFIs has expired. A new competitive effort needs to be 
awarded and in place before 30 September 2006 so that the contracted CPAs can be on 
hand to observe the ending inventory. 

(U) Management Action. Management concurred with and is implementing our 
recommendations. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category. Financial Management 

(U) Award Fee Contracts; NSA/CSS IG; AU-06-0002; 30 June 2006 

(U;yF 0B0)-Summa ry. As of 1 October 2005 , NSA had award fees on l Icontracts 
valued at over I a udit reviewed la ward fee contrac ts valuedatl | 

with total available award rees of f" |^ arout 78 percent or I . :■ the 

award fees were paid out. We concluded that the*.^ency needs a consistent.aj:r|f>roach to 
these contracts so award fees achieVe Aeir purpose: to help control programirisk and 
improve contractor performance. The Agency’s abilily.to* evaluate contractor performance 
is impeded by ( 1 ) failure to document a basis (or the awar^ f^e percentage; ( 2 ) pward fee 
plans that do not allow for meaningful ratings ( 3 ).inconsisfent.evaluation m^hbdologies; 
and ( 4 ) the absence of formal training in how to administer award fee contradtsr. We also 
question the use of Time & Material-Award Fee contracts because* they place a 6 eavy 
administrative burden on the Agency and do not emphasize* acquiskign outcomes. 

(U) Management Action. Management concurred with eQI recojnmendations; 

corrective actions are underway. *♦.**.. 

* ♦ ♦♦ 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICi!^. pSE ONLY 

(U) Category. Acquisition Processes and Contract Management j(b) (3 )-p.l. 86-36 

♦ •• 

(U) Military Interdepartmental Purchase Requests and Economy Act Orders; 

NSA/CSS IG; AU-05-0008; 12 July 2006 . ♦ ’ * 

(U//rOUO) Summary. Over the last 2 fiscal years. Military Interdena A m fental 
Purchase Requests (MIPRs) and Economy Act Orders (^ Os) represented! pnd 
percent, respectively, of the total funds (ove j ( for each year) used to purchase 

goods and services for NSA. Our audit found that the current practice of delegating the 
authority to approve MIPRs/EAOs to Senior Executives or Flag Officers is not achieving the 
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(b)(3)-P.L. 


* 

intent of the law; MIPRs/EAOs are not reviewed by a Contracting Officer or an independent 
entity to see if there is a valid reason for bypassing theXHontracting Group; and the 
originating offices at NSA did little to monitor the billing and accounting for MIPRs and 
EAOs and did not always verify that goods and services were delivered; 

(U//rOUO) Management Action. Management concurred with our 
recommendation to update the draft policies to strengthen internal controls over 
MIPRs/EAOs but nonconcurred with the recommendation to establish a separate Agency 
oversight mechanism. This was resolved whm management agreed that the Acquisition 
Program Managers will now be responsible for oversight of MIPRs and EAOs. 

(U) Overall Report Classification: UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Acquisition Proces*ses and Contract Management 

♦ ■ 

_ 

IS-) ^ NSA/CSS IG; 

"fS) Summary. Our special study on ’ •», [ found 

the Cryptanalysis and Exploitation Services (CES) drgaijiption to be control conscious, 
with many strong management contro ls in p lace to ensure The integrity ot | i CES'can 

further improve internal controls over | j^ provided the procedufesior handling ! J | are 
formally reissued, properly coordinated, and'flilly address ihQ procedural and compiance 
issues cited in our report. .* . . • f _ 


(U) Management Action. Management concurred in our findings and 
recommendation, agreed to take corrective actions, and plan to complete all actions by 
31 December 2006. 

(U) Overall Report Classification. TOP SECRET//COMINT/NOFORN 
(U) Category. Joint Warfighting and Readiness 


(b) (1) 

(b)(3)-P.L. 86-36 


(U) Followup R^ ort on the ' | NSA/CSS 

IG; I | 21 July 2006 ^- [ 

_ 40 ^ Summary. Since 2003, the Aeencvl ^ 


■ _ ^ _iat NSA/CSS Hawaii, j_j_ 

initiatives were the subject of a finding and recommendation in the February 2005 Joint IG 
report at Hawaii. We closed the recommendation to address key policy shortfalls based on 
actions planned by the Directorate of Engineering fPE) and Coiporate Planning. During a 
followup inspection, we found that! ‘ 


and DE and Corporate Planning have not issued two policies that address 
deficiencies ricJted ii\ the 2005 Joint IG Report. 

***** * ’ " 

■fS) Management Action. .ly ianagement decided to withdraw the FY2bo6 funds 

[a nd “agreed to complete the relevapt polity documents 

dy January 2007. 

**"•-.**•• ♦ ■ 

(U) Overall Report Classification. TOP SECRET//G6MlNT/^TALf;NT 
KEYHOLE//RELTOUSA,AUS,CAN,GBR,NZL * ■*‘'***•*^-(11- 

(b) (3)-P.L. 86- 
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(U) Category. Joint Warfighting and Readiness 


(b)(3)-P.L. 86-36 


(U) FY 2006 Report on Compliance with the Federal Intorhi^tron ^curity 
Management Act at NSA/CSS; NSA/CSS IG; AU-p6^aob9; July/2006 

(U//rOUO) Summary. NSA is making a conceited effort to address the weaknesses 
identified in our FY2005 audit of co.rapliance with The 'Federal Infi^mation Security • 

Management Act (FISMA). D.espfte continuing iiijpediments, the'Agency’s Chief ’• 
Information Office (CIO) m'a’de progress in eating out the Plan*of iVetion and Milestone to 
address the certiQcation and accreditation tC&A) of Agency systeitls •- identified as a * 
material we akness in FY2002. By June ‘^006, about] [of all Agency systems and ’• 


J* of mission-critical systems^ (compared to 


_J a year ago) were fully 


accredited. Ou r FY2006 FISMA review found weaknesses from priejr years that were.’ not 
fully mitigated:| . * ♦ * . f 


T 


1 


(U) Managen\ent Action. The CIO continues to make progress in addressing 
FISMA requirements. This includes holding bi-weekly meetings to-track and report C&A 
progress and challenges for mission-critical systems. In addition, tiie Office of Information 
Assurance S^nhees reviewed C&A data for accuracy, and the CIO engaged an outside firm to 
do a comp lete review of NSA’s operational information security program. This resulted in 
fr ecommendations, which the CIO has used to baseline its budget for FY2007. This 
improved the CIO’s ability to capture important IT security performance measures, as 
required by FISMA legislation. 


(U) Overall Report Classification. TOP SECRET//COMfNT//NOFORN 
(U) Category. Information Technology Management 


(U) Alaska Mission Operations Center; NSA/CSS IG, AIA IG; NNWC IG; JT-06-0002; 
4 August 2006 


-(G) Summary. A joint team of inspectors from the Air Intelligence Agency (AIA), 
Naval Network Warfare Command (NNWC), and NSA Inspectofs General conducted the 
first joint inspection of the Alaska Mission Operations Center (i^OC). Although the 
AMOC was officially 2 years old at the time of this inspection, we found no Concept of 
Operations or Implementation Plan for establishing the Center,' Although progress is being 
made in attaining the presumed intent for the AMOC, progress.ls impeded by the lack of 
clearly defined authorities, responsibilities, processes, and chains of command. We also 
found that the Intelligence Oversight program needs many adjustments— some major and 
some minor, and Mission Operations was in transition, taking bn new missions from other 
sites and working to expand ] ; —[ Overall, 

communications and computer systems and Network operatiem s were well managed, but 


(U) Management Action. Management concurred in all recommendations and 
corrective action is being taken. 


(b) (1) 
(b) (3)- 


P.L. 86-36 
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(U) Overall Report Classification. SECRET//COMINT//REL TO USA, AUS, CAN, 
GBR, NZL 


(U) Category. Joint Warfighting and Readiness 


(U) Asset Management and Cost Allocation for GROUNDBREAKER Contract; 

NSA/CSS IG; AU-06-0001; 18 September 2006 

(U//rOUO) Summary. The GROUNDBREAKER (GB) contract supports the 
Agency’s non-mission Information Technology (IT) infrastructure. Each month GB bills the 
Agency for basic services in four service areas: Distributed Computing, Networks, 

Telephony, and Enterprise Management. Our audit recommendations focused on 
improving asset management, personnel data, and other areas. In asset management, we 
found process deficiencies in physical inventories and discrepancies in inventory data that 
contributed to a r~b ercent inventory record error. Based on the results of our random 
statistical sample forUctgber 2005, we projected the Agency may have been over billed by 
$ 346 » 630 - Regarding persorirfel dg;ta,| 

[ . 

[ Based on this process, our sample indicated a potential over payment of about . .* 

$ 126,000’ for October 2QQ5. _ ' * • . . 

(U) Management Action. Managefnent concurred in all recommendations and .*/ 
corrective action is being taken. .^ • 

(U) Overall Report Classification. CONF 1 DENTIAL//PROPIN 1^_(3 ) -p.l. ee^ 

(U) Category. Acquisition Processes and Contract Management 


(U/ TOUO) -Joint Defense Facility Pine Gap; NSA/CSS IG, AIA IG; NNWC IG, 
INSCOM IG; JT-06-0003; 21 September 2006 


■fG)-6ummary. A joint team of inspectors from the the Air Intelligence Agency 
(AIA), Naval Network Warfare Command (NNWC), Intelligence and Security Command 
and NSA Inspectors General conducted a joint inspection of the Joint Defense Facility Pine 
Gap (JDFPG). We found a very strong mission focus at the site. However, two problems 
that impede mission operations require immediate attention from senior leadership: 


(U) Management Action. Management concurred in all recommendations and 
corrective action is being taken. 


(U) Overall Report Classification. TOP SECRET//COMINT//TALENT 
KEYHOLE//REL TO USA, AUS, GBR 


(b) (1) 

(b) (3)-P.L. 86-36 
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(U) Category. Joint Warfighting and Readiness 

(U) NSA’s Ability to Detect, Contain, and Recover from Computer Security 
Incidents; NSA/CSS IG; AU-05-01 IB; 26 September 2006 

(U/?TOUO) Summary. The audit objective was to determine if NSA/CSS has 
effective and efficient internal controls to prevent, detect, analyze, contain, and recover 



(U) Management Action. Management concurred in all recommendations and 
corrective action is being taken. |(b) ( 3 )-p.l. 86-36 

(U) Overall Report Classification. TOP SECRET//COMINT//NOFORN 

(U) Category. Information Technology Management 


(U) Corporate pommunications Strategy Group; NSA/CSS IG; IN-05-0003; 

27 September 2006 

■(0) Summary. Our organizational inspection found that the Agency’ 
communications and multimedia activities have not been centralized in the Corporate 
Communications Strategy Group. As seen in OIG reviews of other corporate enablers, the 
mission organizations eventually regrow these functions, using mission funds and 
personnel, when corporate sponsors cannot provide support. For example, we found that . 
the Corporate Communications Strate gy Group is not aware of nor does it have oversight ; 
over Agency contracts-totaling aboutf [• 



(U) Management Action. Management concurred in all recommendations and 
corrective action is being taken. 


(U) Overall Report Classification. SECRET//COMINT//RELTO USA, CAN, GBR, 

NZL 

(U) Category. Information Technology Management 
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(U) Time and Attendance Investigations; NSA/CSS IG, IV-05-0034, 18 July 06; 

IV-06-0011,22 May 2006; IV-06-0013,12 September 2006; IV-06-0027, 

15 August 2006; IV-06-0030, 7 September 2006; IV-06-0033, 20 Jun 2006; IV-06-0035, 

4 August 2006; IV-06-0036, 29 June 2006; IV-06-0043, 20 June 2006; IV-06:0046. 

15 September 2006; IV-06-0052, 26 September 2006 

(U) Summary. The OIG substantiated eleven allegations of Time and Attendance 
fraud. In the aggregate, these cases will result in the administrative recoupment of 
approximately $93,000 in Government funds paid for duty hours falsely claimed. 

(U) Overall Report Classifications. UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(all referenced investigations) 

(U) Category. Other (Fraud) 

(U) Labor Mischarging; NSA/CSS IG; IV-06-0012;26 September 2006 

(U/ypOUO) Summary. The OIG substantiated an allegation that a contract employee 
mischarged 135 labor hours while working on NSA contracts during the 2003 - 2005 time 
period. This amounted to approximately $19,000 in charges falsely billed against NSA 
contracts, and the contractor reimbursed NSA that amount. The contractor also terminated 
the employee. The United States Attorney’s Office, District of Maryland, declined 
prosecution due to the contractor’s cooperation and reimbursement to NSA. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Fraud) 

(U) Labor Mischarging; NSA/CSS IG; IV-06-0028; 26 September 2006) 

(U//rOUO) Summary. The OIG substantiated an allegation that a contract employee 
mischarged 185 labor hours while working on NSA contracts in 2005. This amounted to 
approximately $36,300 in charges falsely billed against NSA contracts, and the prime 
contractor has agreed to reimburse the NSA by that amount. The prime contractor 
terminated the employee. The United States Attorney’s Office, District of Maryland, 
declined prosecution due to the prime contractor’s cooperation and reimbursement. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Fraud) 

(U) Falsification of an Official Document; NSA/CSS IG; IV-06-0034; 21 July 2006 

(U//FOUO) Summary. The OIG substantiated an allegation that a GG-13 NSA/CSS 
employee falsified the rating score on his 2005 Performance Review, forged management 
signatures, and submitted the document to the Agency in support of his 2006 promotion 
application. The matter was referred for disciplinary adjudication. 

(U) Overall Report Classification. UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category. Other (Fraud) 
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(U) Travel Voucher Fraud; NSA/CSS IG; IV-06-0008,26 September 2006; 

IV-06-0009, 22 September 2006; IV-06-0024, 14 August 2006 

(U//rOUO) Summary. The OIG substantiated three allegations of travel voucher 
fraud. Two investigations involved false travel expense report claims for Personally 
Operated Vehicle mileage by an NSA employee and an NSA military assignee. A third 
investigation involved an employee who repeatedly remained in country longer than 
necessary on OCONUS TDYs, and falsely claimed per diem on his travel vouchers. The 
Agency will recover a total of approximately $20,000 in Government funds as a result of 
these three investigations. 

(U) Overall Report Classifications. UNCLASSIF 1 ED//F 0 R OFFICIAL USE ONLY 
(all referenced investigations) 

(U) Category. Other (Fraud) 

(U) Misuse of Government Resources; NSA/CSS IG; IV-06-0023;14 June 2006 

(U;^i‘rOUO) Summary. The OIG’s Offices of Intelligence Oversight and 
Investigations conducted a joint inquiry into an'allegation that an NSA/CSS employee 
violated applicable law and regulation by using Government property for unauthorized and 
unofficial purposes. The inquiry substantiated the misuse allegation and the matter was 
referred to the NSA OGC for consideration of referral to the Department of Justice. 

(U) Overall Report Classification. TOP SECRET//COMINT 

(U) Category. Other (Misuse of Resources) 
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(U) NSA/CSS OIG ACTIVITIES RELATED TO 
COUNTERTERRORISM 


(U) Ongoing 


(b) (1) 

(b) (3)-P.L. 86-36 


(U //rQUO) Inspection of the Information Warfare Support Center; NSA/CSS 
IN- 06-0001 


IG; 


-fS)-Background The Information Warfare Support Center (IWSC) began- 
operations in November 1994 in response to the need for SIGINT support to Info rmation ! 
Operations (IO\ IWSC’s mission is to provide the combatant commanderfsl with! 1 


related to counterterrorism. The primaiy objectives of this inspection include the 
following: a) determining whether the IWSC is executing its current missions and functions 
in an efficient and effective manner and in accordance with its charter, identifying any 
impediments to mission accomplishment; b) determining whether IWSC personnel comply 
with Internal Management Controls and other Agency regulations and policies governing 
personnel and organizational management; and c) assessing how well IWSC shares 
information with internal and external customers. 


(U) Inspection of SID’s Chemical, Biological, Radiological, Nuclear Mission; 

NSA/CSS IG; IN- 06-0002 

-(S)-Background. Chemical, Biological, Radiological, and Nuclear (CBRN) terrorism 
is one of the most menacing threats to U.S. security, and from a Signals Intelligence 
(SIGINT) perspectivej [ 

^ ork the CgR^ 

target from varying perspectives. The inspection is evaluating CBRN mission performancej, 

including examining the execution of CBRN as a transnational target, asse^jping the impact 

of Mission Build-Out, and reviewing any funding or human resource issues; • 

■ 

■ , 

■ 

(U) Inspection of the Middle East and North Africa Product Line; NSA/CSS IG; • 

IN-06-0006 • : : 

• ^ 

■ 

■fG} Background. The mission of the Signals Intelligence Directorate‘s Deputy • ; 
Directorate for Analysis and Production includes the countries located in the Middle East* 
and North Africa (MENA). The Office of MENA creates analytic strategies, performs 
SIGINT development, and creates SIGINT products and services in respons&to customer 
Information Needs. It is also deeply involved in SIGINT production to support the Agency’s 

counterterrorism activities. The primary objectives of the inspection include the following: 

• ’• 

■ 

(b) (1) 

(b) (3)-50 use 3024(i) 

(b)(3)-P.L. 86-36 
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a) determine the effectiveness and efficiency in which the Middle East and North Africa 
Product Line organization is performing mission operations functions; b) identify 
impediments that the organization faces in SIGINT production; and c) determine whether 
the organization’s personnel comply with Internal Management Controls and other Agency 
regulations and policies governing personnel and organizational management. 

(U//FOU 0 )' Inspection of the Geospatial Exploitation Office; NSA/CSS IG; 

IN-06-0005 

fSi^Backqround The Geospatial Exploitation Office (GEO) began operations in 


_The primary objective will * 

be to assess GEO’s mission effectiveness and their ability to satisfy requirements and 
information needs levied on the organization. The inspection v^ll determine whether the 
current organization’s missions and functions are being properly executed in an efficient 
and effective manner; whether missions and functions are accurately portrayed and .being 
accomplished; establish whether missions performed are appropriately placed witjrin the 
product line; and will identify any impediments, which hinder .the efficient and effective 
execution of their missions and functions. |(b) (d 

(b) (3)-P.L. 86-36 

Regional Review; NSA/CSS IG; /f * 

■(S) -Background. The OIG is comple ting a regional review o ^ ; that'are 
focused on [i ncluding support to counterterronsm. Qur 

review assesses site operations, compliance v^th mtelljgence oversight requirements, ! ] 

If ..., 

(b) (1) 

(U) Special Studies of Presidentially-authorized Program; NSA/CSS [G ( 3 )-p°l'^^ 86 - 36 ^ ' * 

■ 

(U //FOUO) Background: The OIG is performing continual audits-of NSA's 
Presidentially-authorized counterterrorism program. The overall objectives are to 
determine whether there are appropriate policies and procedures in place’for activities 
under the program consistent with the terms of the Presidential Authorization; to evaluate 
their efficiency and effectiveness in mitigating any high-risk activities associated with the 
program; and to identify any impediments to satisfying the requirements of the Presidential 
Authorization. 


(U) Planned 


(b)(3)-P.L. 86-36 


(U) Followup Review of Access to SIGINT Databases; NS/VCSS IG; ST-06-0003 

(U //rOUO) D ackgound. Information sharing and data access continue to be major 
priorities across the Intelligence Community (IC). To jumpstart the information-sharing 
concept, several efforts were initiated, most notably_ 
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jc ouhterterrorism activities. The objectives will be 
to determine if SID’s process for granting ^tabase access is having the desired outcome, 
and, if not, what are the impediments. AddititmaH^, we will determine the adequacy of 
security practices for terminating access once access is no longer needed. 


(b) (3)-P.L. 86-361 
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■ GLCJUlTfnOlDim 


(U) SEMIANNUAL REPORT TO THE CONGRESS 

For the Period April 1,2005 Through September 30, 2005 

(U) Kunia Regional Security Operations Center; NSA/CSS IG; INSCOM IG; AIA IG- 
NSG IG; JT-05-0001; 31 March 2005 

Summary. (U//'F 0 UO) A team of inspectors from the Service Cryptologic Elements 
and NSA conducted a joint inspection of the Kunia Regional Security Operations Center 
(KRSOC). KRSOC is the first Regional Security Operations Center to be inspected by the 
Joint IG Team since the issuance of NSA/CSS Policy 1-3, NSA/CSS Governance, and the 
announcement of the NSA/CSS Build-Out. We found the site Headquarters relationship to 
be generally positive; some costly site-directed initiatives had not been coordinated with 
Higher Headquarters; and communication between KRSOC leadership and the SIGINT 
An^ysis and Production Directorate needs attention, especially in light of the NSA/CSS 
Build-Out, which will require close collaboration in order to succeed. 

Management Action. (U) Management is taking appropriate corrective action. 

Overall Report Classification. (U) TOP SECRET//COMINT//REL TO USA, AUS, 
CAN, GBR, and NZL//MR 

Category. (U) Joint Warfighting and Readiness | (b) oi-p.l. ee- 

♦ 

(U) Attack Sensing and Warning Program (Followup); NSA/CSS IG; sf-05-0014; 

28 April 2005 

Summary. ( U/7^PQUQ^The purpose of the Attack Sensing an{i Warning (AS&W) 
Program is to protecti / 

♦ 

f The 2004 audit report 

found that the AS&W program had not undergone the type of independent review required 
by DoD and NSA regulations for high-dollar programs. As a result of our followup review, 
we were able to close out four of the six recommendations made in the 2004 final report. 

We found two recommendations that management had not addressed: The Defensive 
Information Operations Group has not developed the documentation required by DoD and 
NSA acquisition regulations and the same Group did not assign a qualified acquisition 
manager to the program as required by DoD and NSA acquisition regulations. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 

Category. (U) Infrastructure and Environment 


Approved for Release by NSA on 07-01-2019, 
FOIA Case # 79825 (litigation) 


Derived From; NSA/CSSM 1-52 
Dated: 20041123 
Declassify On: 2029 11 BO 
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(U) Cryptologic Mission Management Program; NSA/CSS IG; AU-04-0005: 

3 May 2005 

Summary. (U/'/FOUO) We found the Cryptologic Mission Management (CMM) 
Propam Management Office was staffed by qualified and experienced acquisition and 
engineering personnel focused on program results and compliance with DoD and Agency 
acquisition management requirements. However, a recent review by an Integrated Process 
Team (IPT), led by the Agency’s Chief Systems Engineer, made recommendations to help 
reduce technical and other program risfe. Canying out the IPT recommendations will 
postpone the Milestone B decision for CMM Increment i from the end of September 2004 
to May 2005. Specifically, our audit found problems with the CMM risk reduction efforts 
known as the Focused Demonstration Operational Capability in the following areas: Award 
Fee determination; Deliverables; and Unverified Costs. 

Management Action. (U// FOUQ) Management is acting on all but one of our 
recommendations. The SAE nonconcurred with our recommendation to establish a process 
to resolve major disagreements on the award fee. Our recommendation is necessary to 
prevent future arbitrary award fee decisions as well as fi’aud or wrongdoing. Therefore, we 
are requesting that SAE reconsider his nonconcurrence. 

Overall Report Classification. (U) TOP SECRET//COMINT//MR 

Category. (U) Acquisition Processes and Contract Management 


(U;yfet»e)-Nuclear Weapons Personnel Reliability Program; NSA/CSS IG; 
AU-04-0010A; 26 May 2005 

Summary. (U//FOUO) The purpose of the Nuclear Weapons Personnel Reliability 
Program (NWPRP) is to ensure that everyone who performs Nuclear Command and 
Control (NC2) duties meets the highest stand ards of reliability. Our audit found that the 

s trengthened the NWPRP control environment 
by implementing the recommendations from eur 2002 review, but the following issues need 


attention 



Management Action. (U//FOUO) Management agreed to implement a formal 
training program for NWPRP management and support personnel designate the Staff * . 
Security Officer as the official responsible for advising the prograip on security eligibility; 
establish formal procedures for NWPRP d rug testing; and formally determine the status.bf 


Overall Report Classification. (U) CONFIDENTIAL//MR 


(b)(3)-P.L. 86-36 
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Category. (U) Joint Warfighting and Readiness 

(U) Office of Equal Employment Opportunity; NSA/CSS IG; ST-05-0002; 

1 June 2005 

Summary. (U) The study found that mandated timelines related to the investigation 
of formal Equal Employment Opportunity (EEO) complaints are not being met. In 
addition, data related to EEO complaints, which must he posted on the Agency’s public 
website, was incomplete and inaccurate, and NSA’s FY2004 EEO Program Status Report, 
due by 31 January 2005, was not submitted to the Equal Employment Opportunity 
Commission until late April. 

Management Action. (U) Management concurred with the recommendations to 
correct the issues described above. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Human Capital 

(U) Classified Material Destruction; NSA/CSS IG; ST-05-0022; 7 June 2005 

Summary. (U/t^FOUO) An anonymous complaint sent to the Director, NSA and the 
Office of Inspector General (OIG) alleged that Eagle Alliance (EA) was utilizing government 
resources and processes to dispose of EA computer equipment. The GROUNDBREAKER 
contract stipulates that EA is responsible for disposal of EA computer equipment. The 
complaint also stated that EA did not have standard operating procedures (SOPs) for 
disposing of computer equipment. Our special study found no evidence that EA was using 
government resources to dispose of EA-owned computer equipment. However, EA has not 
instituted two elements required by the contract: written SOPs covering its disposal process 
and a process for disposing of hard drives a fter removal from EA-owned computers. We 
also found that EA is storing anproximatelvl | 

^_ • 

|W e ; . 

recommended an immediate decision to either have the Agency take over the dis pnsal • ; 
function (amending the contract accordingly) or require EA to comply with th^ contract • • 
terras. . 

m ■ 

Management Action. (U) EA vsdll provide its position in writing to the'Maryland 
Procurement Office. Senior officials will then present the Agency's approach ift writing to* ■ 
the OIG. • 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL tJSE ONLY*.; 

■ 

Category. (U) Acquisition Processes and Contract Management 

• ■ 

• ^ 

(U) Contract Rates for Office Space; NSA/CSS IG; AU-04-0019; 8 June 2005 ; 

Summary. (U) NSA has operated under a model that collocates contractors with the! 


(b) (3)-P.L. 86-36 
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missions they serve. Our audit found that Contracting Officer’s Representatives (CORs) 
were not validating on- and off-site costs charged for the contracts in our sample. Since 
overhead rates for work done at contractor facilities are usually higher than for government 
facilities, NSA could be paying off-site rates for contractors who are actually working on¬ 
site. 

Management Action. (U) The Maryland Procurement Office agreed to issue 
guidance that requires contractors to provide a breakout of on- and off-site rates and hours 
on invoices and to require CORs to check the on- and off-site rates and hours. 


Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 


Category. (U) Acquisition Processes and Contract Management (b)(3)-p.L. 86-36 

• • * I* ■ 

• • ’ _■ ' 

(U//rOUO) Followup Inspection: Special U.S. Liaison*' 

NSA/CSS IG; INSCOM IG; NSG IG; AIA lOj* * * ' f 7 ^ 

^mmary. fU//F 0 U 01 'A’ fuHovmn ioint insnection of the SneCial U.S. Liaison 

, . • * 

f ----- * 

1 NSA/CSS found significant progress from the April 2 t )04 ioint IG ins 
in the areas of training, intelligence oversight, security, communications, and infon 
assurance. Civilian employee recruitment has improved, albeit §lowly; however, se 
findings remain open, pending action by NSA Headquarters. / 

Management Action. (U) Management concurred wth the recommendatic 
is taking appropriate corrective action. 

• 

Overall Report Classification. (U) SECRET//COMINT//REL TO USA, CA 
and NZL//20291123 

* 

Category. (U) Joint Warfighting and Readiness 

♦ 

* 

(U) Tailored Access Operations; NSA/CSS IG; sf- 04 - 022 C; 19 July 2005 

Summary. (U/-/'FQUO) This study, the third in a series of three reports on 
Agency’s Tailored Access Operations (TAO) office, focused on the control environm 

pection 

[nation 

veral 

• 

>ns and 

cN, GBR,:: 

• 

■ 

• 

■■ 

0 

■0 

■ 0 

•0 

■0 

he 

ent. We;* 

found that: i]| 


• 

♦ 

* 

* 

• 

• 

* 


Management Action. (U) TAO management concurred with all OIG 



recommendations and plans to take Corrective action by i October 2005. The Finance 
Directorate will move the reimburse ment process to the Disbursing Office to | 


•S ECRLTff 2 (i 29 m 3 
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Overall Report Classification. (U) TOP 

SECRET//COMINT//NOFORN//220291123 

Category. (U) Joint Warfighting and Readiness 

(U) FY2005 Report on Compliance With The Federal Information Security 
Management Act at NSA/CSS; NSA/CSS IG; AU-05-0004: 5 August 2005 

Summary.-{€3 NSA is making a concerted effort to address the weaknesses 
identified in our FY2004 audit of compliance with The Federal Information Security 
Management Act (FISMA). Although impediments still exist to achieving the Agency’s 
certification and accreditation (C&A) goals, the Chief Information Officer (CIO) has made 
progress. NSA continued to maintain and track a Plan of Action and Milestone to address 
the inadequate C&A of Agency systems, identified as a material weakness in FY2002. 
However, we discovered several weaknesses in t he Agency’s IT security posture during ou r 
FY2005 FISMA review. We found that NSA has! 


Management Action. (U //FOUO) The CIO has made a concerted effort to address 
FISMA requirements. This includes holding regular FISMA working group meetings, ’.; 
providing a data call to all responsible organizations to address reporting requirements, alrf 
raising awareness of FISMA requirements. In addition, the CIO established labs to perform 
vulnerability testing and penetration testing and secured additional resources to help create 
the documents associated with certifying mission-critical systems. 

Overall Report Classification. (U) TOP 

SECRET//COMINT//NOFORN//20291123 

Category. (U) Information Technology Management 



(U) NSA/CSS Representative Pacific (NCPAC); NSA/CSS IG; IN-05-0002; 
16 August 2005 


Summary. (U //FOUO) Our inspection found that the Agency is well represented 
by the NSA/CSS Representative (NCR) Pacific and his staff. Pacific Command 
(PACOM) officials we interviewed had a high opinion of the NCR and his staff and 
regard them as a “mode l” of effectiv e NSA/CSS liaison. Innovative NCPAC initiatives 
include embedding ovei j |o f the NCPAC staff in PACOM activities. Increased 

levels of support in the information operations arena are also highly valued by the 
Command. Areas for improvement intlude the following: NSA/CSS Policy 1-3 on 
governance does not conform to actua l nraptice in thj e Pacific Theater; the operational 
span of control for the NCR is unclear ^ * ♦ the Regional Communications 

Security Monitoring Center, does not have enough assignees to perform its mission; and 
NCPAC’s representational efforts to PACOM sub-commands in regard to Information 
Assurance are insufficient. 


(b)(3)-P.L. 86-36 
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(b)(3)-P.L. 86-36 


Management Action. (U) Management concurred in aH recommendations, nine 
of which are already closed. / .* 1 

Overall Report Classification. (U) SECRET//C 0 MINT//^L TO USA, AU^, CAN, 

GBR, NZL//20291123 . • ‘ • 

♦ • • 

Category. (U) Joint Warfighting a^dTleadiness • .* 

.* • 

* - j » 

(U) | f NSA/CSS IG: I j ’. 

Summary. (U//FOU 03 Our inspection of the | [ * 


FiiTsTTiTVTiafSTiB fSTiftiyS Bd 

" r W W 1 \ 0 1 i C* M |W1 W I A wf Iji^ wM 11 In I mvJ KVft ^ Ws III 

_ -- r m a m m m l J 1 \ j 



Management Action. (U) The Director for Analysis and Production concurred with 
all of the recommendations and convened an Integrated Product Team to address them. 

Overall Report Classification. (U) SECRET//REL TO USA, AUS, CAN GBR, and 
NZL//20291123 


Category. (U) Joint Warfighting and Readiness 


(b)(3)-P.L. 86-36 



• Summary. -(S^We visited three sites selected on the 

basis of location, risk, and reported oversight issues. Based on our findings, a 

representative of SID is working with.bne of the sites to improve analysis and reporting on 

SIGJNT collected there, while anoth^sY site launched a comprehensive reassessment of its 

ability to contribute to the national SIG INT mission and satisfy the requirem ents of 

I ; • I We also recommen ded tha t! | sites improve 

their emergency action pro cedures. To that end,| J has now darified its emergency 

opeijations procedures, andj • « * (agreed to conduct emergency 

drills. • . . 

...» ♦ ♦ 

• • ♦ . ♦ 

: Overall Report Classifications^ *(U) TQP SECRET//COMINT//20291123 (all 

three reports) / . * . ♦ * 

■ * * * * 

■ Category. (U) Joitit-Waifiglitijig'and Readiness 


(b) (1) 

(b)(3)-P.L. 86-36 
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(b) (1) 

(b) (3)-P.L. 86-361 


(U) Electronic Intelligence (ELINT) Modernization Program; NSA/CSS IG; 
AU-05-0001: 19 September 2005 1 


Summary. Budgeted to receive’ 
Modernization Program is intended to develop, integral 


|from FY2004-11, the ELINT 
e, and deploy the capabilities 


needed to fill the gaps identified in a stud y.conducted at the behest of Congress. The 
audit identified two significant problems: 



Management Action. (U) Management concurred with all recommendations and 
corrective action is underway. 

Overall Report Classification. (U) SECRET//TALENT KF.YR pT.F.// 9 n 70 i 


(b)(3)-P.L. 86-36 


Category. (U) Joint Warfighting and Readiness 


(b) (1) 

(b) (3)-50 use 3024 (i) 
(b) (3)-P.L. 86-36 


iU)l 


I 


NSA/CSS IG; INSCOM IG; AIA IG; N^G IG; 


SiUnmatyr^e^ team of inspectors 


Management Action. (U) Management is taking appropriate corrective action. 

• ♦ 

Overall Report.Classification. (U) SECRET//COMINT//REL TO USA, AUS, CAN, 
GBR, NZL//20291123 

Category.’. (U) Joint Warfighting and Readiness 

• ♦ 

♦ 

(U) Precious Metals Recovery Program; JvlSA/CSS IG; ST-05-0005; 

19 September 2005’. 

• ♦ 

* 

Summary. (U/ yPOUQ) T he Precious Medals Recovery Program (PMRP) recycles 
film, circuit boards, and microchips for NSA, DoDj and other Intelligence Community 
customers. Our special study found that the PMRP] 


plan to spend the funds 


Jand no formal 


generated fi’om recycling microchips. 


■ S^CIU:W20291123 . 
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(b) (1) 

(b) (3)-P.L. 86-36 


Additionally, the policy establishing the PMRP has not been updated since 1991, and • 
internal controls are needed to safeguard the precious metals that are recovered when I 
microchips are recycled. \ 

Management Action. (U //FOUO) M anagement nonconcured with our • 

recommendation to develop a plan to spend these funds rather than letting the money I 
accumulate. Consequently, we are forwarding the report to the Comptroller. | 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONUY 

% 

Category. (U) Other ' 


(U) 


I 


InSA/CSS IG; 


[ 


^ • ■ 
Summary. Our fun ctional inspection of NSA’s program to[ 


\ l^ which is managed by the Signals Intelligence Di 
is ahdtrainine with the goal of determining Whether { 


] 


Directorate 


(SID), f ocused on analysis ahd»training with the goal of determ ining Whether SIGINT 
analysts F V . . . ‘ found^hat Agency and 

SID lead ers have not co nducted a»risk assessment to determine the appropriate level of 
effort for i j^ and Agency policy does not adequately, address the authorities £in<J 

responsibiliti^ for this function. Ifloreover, NSA’s Implementation Plan fo rj | * 

' jdoes not addtess a key geal of the Director of Central Intelltgepce: 



Management Action. (U) Management concurred with^our recommendations and 
is taking appropriate corrective actiofi». * 


♦♦ 

♦♦ 


Overall Report Classification. (lf)*TOP-S^CRET//REi:TO USA,;,AUS, CAN, GBR, 
NZL//20291123 


♦ ♦♦ 


Category. (U) Joint Warfighting and Readiness; 


/ 


(b) (3)-P.L. 86-36 


(U) Information Technology Directorate Field Liaison Division; NSA/CSS IG; 
IN-05-0005: 20 September 2005 

♦ 

Summary. (U// FOUQ -) Xhe Information Technology Directorate’s (ITD) Field 
Liaison Division is a | ~[ brganization created in January 2003 as a direct response to 

recommendations from several Joint IG inspections. During the inspection, the Field 
Liaison Division’s leadership changed and the ITD restructure began, resulting in a new 
focus for the Division. Nevertheless, the Director for IT asked that we proceed with the 
inspection to help identify problems or issues that need to be considered in ITD's 
restructuring and consolidation efforts. To this end, we issued a letter report advising the 
Director for IT of areas in need of attention as the ITD consolidation continues. Our 
inspection found that the Field Liaison Division has had a positive effect on the Extended 


i}ECRETff 202 m 23 
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Enterprise; however, as ITD implements its concept of centralized management with 
decentralized execution, close attention should be given to the following: clearly 
delineating roles and responsibilities; implementing a mechanism for assessing the 
effectiveness of the new structure; and providing a dynamic, up-to-date, and useful NSANet 
presence. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Information Technology Management 


(U) Meade Operations Center; NSA/CSS IG; INSCOM IG; AIA IG; NSG IG; 
JT-05-0006: 30 September 2005 . . • • • 


(b) (3)-P.L. 86-36 


_ Summary. (U/- /FOUO) The Joint I Qs conducted an inspection of the]_ 

_Meade Operations Center (MOC)) in 2002. A 

followup inspection in 2003 assessed progress in several areas, including Command 
Topics and Mission Operations. In keeping with the three-year inspection cycle for 
major field sites, the Joint IGs scheduled an inspection of the MOC to begin in August 
2005. Our preparation for this inspection revealed that the predominant theme of the 
two previous inspections remains unresolved - the persistent lack of documented 
mission and an effective governance mechanism or chain-of-command. In a Joint IG 
Management Advisory Report, the Joint IGs suspended the on-site phase of the 
inspection until the Signals Intelligence Directorate (SID) clearly documents a mission 
and begins to exercise an effective governance approach for the organization. The Joint 
IGs concluded that the unresolved issues are unlikely to improve without a zero-based 
review to determine the missions, if any, that are best performed by the MOC, and 2) the 
implementation of effective governance from SID of those missions. 


Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 


Category. (U) Joint Warfighting and Readiness 


(U) inappropriate Representation Before the Government and Misuse of 
Resources; NSA/CSS IG; IV-05-0005: September 2005 

Summary. (U //FOUO) An NSA/CSS employee who established a software company 
inappropriately represented his company in a “pitch” meeting before the Government. This 
employee also misused Government resources to solicit and conduct private business. 
Furthermore, the employee and his business associate knowingly misused Government 
Information Systems to solicit business for their private company. Due to the potential 
Title 18 violation, the matter was referred to the DoJ for a prosecutive opinion. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 

Category. (U) Personnel/Standards of Conduct; Procurement and Contract 
Administration 


6 ECIU:Tf /20291123 
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(U) Inappropriate Representation Before the Government; NSA/CSS IG; 

IV-05-0011; June 2005 

Summary. (U //FOUQ) An NSA employee who “moonlighted” part-time for an 
Agency contractor inappropriately represented the contractor in a meeting before the 
Government, in a particular matter in which the United States was a party and had a direct 
. interest. Due to the potential Title i8 violation, our report was referred to the DoJ for a 
prosecutive opinion. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Personnel/Standards of Conduct 

(U) Time and Attendance investigations; NSA/CSS IG; IV-04-0040 
(31 May 2005): IV-05-0008 (23 May 2005); IV-05-0023 (9 September 2005); 

IV-05-0032 (9 September 2005) 

Summary. (U/ /FOUO) The OIG substantiated four allegations of Time and 
Attendance abuse, wherein employees claimed hours in excess of those they were 
determined to have actually worked. In the aggregate, these cases will result in the recovery 
of approximately $46,500.00 in funds paid to employees for hours falsely claimed. 

Overall Report Classifications. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(all referenced investigations) 

Category. (U) Other (Fraud) 


'S ECRETfm291113 
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00?(riDn<TIj ‘ iljVIlEL TO USA. AUB. CMl GDR, 


(U) SEMIANNUAL REPORT TO THE CONGRESS 


For the Period October 1, 2004 Through March 31, 2005 


(U //rOiJ O) Timecard Accountability in Tailored Access Operations; NSA/CSS IG; 
ST-04-0022A: 20 October 2004 

Summary. (U //FOUO) This special study investigated an anonymous Hotline 
complaint regarding two timesheet issues that warranted im mediate attention by Tailored 
Access Operations (TAO) management. We found that TAO’s l ^ 

lacked controls to ensure that hours entered into the payroll system matched the hours 
certified by supervisors. We also noted inconsistent application of pay entitlements for 
Access Operations personnel who improperly claimed regular duty time as well as overtime* 
and/or compensatory time for time spent traveling outside their normal work schedule. 

■ 

Management Action. (U) TAO agreed to publish timekeeper verification 
procedures and to obtain an opinion from Human Resources/Compensation Policy on 
trayel time compensation, premium pay entitlements, and scheduling duty hours for 
personnel required to travel for TAO mission exigencies. TAO also assured the NSA/CSS 
Office of the Inspector General that this opinion would be applied consistently across the 
organization. 

Overall Report Classification. (U) CONFIDENTIAL//X1 1 - 


(b) (3)-P.L. 86-36 


Category. (U) Human Capital 

(U) Yakima Research Station; NSA/CSS IG; NSG IG; JT-04-0014; 3 December 2004 

Summary. -fe)-A joint team of inspectors from the Naval Security Group and NSA 
conducted a joint inspection of the Yakima Research Station (YRS). Our findings focused 
on the lack of compliance with regulations and policies. We also noted the lack of guidance 
and support from NSA Headquarters (HQ), especially involving mission focus and 
resources. As to mission focus, we found that YRS is strategically adrift and requires a 
mission review; NSA needs to validate the site’s mission and make better use of its talented 
workforce. Regarding resources, dramatic changes in the site’s technical and analytic 
resources in recent years were not accompanied by a cost-benefit analysis of the 
requirements. 

Management Action. (U) Management at YRS and HQ are taking corrective action 


on all of the findings. 

Overall Report Classification. (U) TOP SECRET//COMINT/RELTO USA, AUS, 
CAN, GBR, and NZL//X1 

Category. (U) Joint Warfighting and Readiness 


Approved for Release by NSA on 07-01-2019 
FOIA Case # 79825 (litigation) 


Derived From: NSA/CSSM 123-2 
Dated: 24 February 1998 
Declassify On: Source Marked XI ■ 


Derived From: NSA/CSSM 1-52 


Dated: 20070108 


Declassify On: 20320100 
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^ ONFIDENTIAlffREL TO - If GW, GDR^ NZLffMR 


(U) Contractor Space; NSA/CSS IG; AU-04-0001; 13 January 2005 

Summary. (U//FOUO) The lack of space has reached crisis proportions at NSA. 

The current occupancy rate of 97.4 percent is projected to reach 101.4 percent by the end of 
FY2005. A major factor is the need to house contractors, who now exceed the civilian 
workforce. Our audit found that current policy and planning vehicles are incapable of 
producing the long-term comprehensive plan needed to manage the crisis and to track the 
contractor presence at NSA. We also found that recent initiatives by the Associate Director 
of Installations and Logistics (ADIL) and the Senior Acquisition Executive (SAE) to relieve 
the Agency’s space shortage by removing contractors were lacking key elements such as: 1) a 
formal policy and process for producing a comprehensive long-term facilities plan aligned 
with the NSA/CSS strategic plan; 2) short-term plans to reloc ate people on existing 
contracts do not specify how removal costs (estimated at over | [f rom FY2005- 

08) will be funded, nor do they give criteria for selecting which contractors to move; and 3) 
NSA needs an explicit, enforceable policy on allowing contractors to work ih Agency spaces. 

Management Action. (U//FOUO) The ADIL and SAE nonconcurred on the 
grounds that some actions were already in progress before the audit. Our re^rt recognizes 
these initiatives, but they are not completed. Moreover, ADIL and SAE have’pot agreed to 
set criteria for deciding which contractors on existing contracts to remove; inthe opinion of 
General Counsel, this leaves the Agency vulnerable to charges of favoritism. Consequently, 
we referred this report to DIRNSA and he directed ADIL and SAE to take management 
action. 


(b) (3)-P.L. 86-361 


Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 

m 

Category. (U) Infrastructure and Environment J 

(Uffpetje)! ... ■••••'■'•'•’r NSA/g-jsiri: 

I \ .. . 

'... . . ._: 

_ Summa ry, Our inspection of the I | 

I I found some duplication of effort resulting fromfnission.Overlap yvithin| ^ | 


--X---w T ACI.jp 

itself and with other organizations in the Analysis and Production Directorate rSID/S2). 

We f ound that: j * . | 

* * ]itls 


We f ound that: J_ 

I l and across-'S2 leads to duplication of effo rt! * / _ 

critical to formalize all aspects of informati on sh ading mMeihorail diiTn.s of TTndp r.ci tari ding 
vsith parent agencies that have integrees in [ * ♦ * f relqtionsliips wjfrh l | elements 

need attention;- customers need to know«exactly what tg'provide in a Request for 
Information and to be kept apprised offhe statps*of thh ir reo ilests: and leadership at the S2, 
SlD, and Agency levels is n ot adequ ately engaged inthe | p upport mission which has 
cfeated an adverse effect on | . *j morale and staffing. 


relationships 


■ . — 

Management Actiom *(U) Issu es relate d to information sharing and customer 
ishipsiire now beiijg addressed. | Inew management is planning an aggressive 


abproach to thckle these issues aji d to improve | 


1 


♦ 

Overall Rerport Classification. (U) TOP SECRET//COMINT//REL TO USA, AUS, 
CAN, GBR, anO-NZL/ZMR 


(b) (1) 

(b) (3)-P.L. 86-36 


eONTIDUmALHJiEL TO USA, AUS, GAN, GBR, NZLUMTi 
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(b)(3)-P.L. 86-36 


€ ONFIDEmJjiLffREL TOilGA, jIUS, GIM GBR, NZL//^^R 


(b) (1) 

(b)(3)-P.L. 86-36 


Cateopiy. Joint Warfighting and Readiness 




f4)*Special Tailored Accdes Operations; NSA/CSS IG;iSf-04-002i^B; 

15 February 2005 *. *. **•.. .:*’,** 

Summary.“t 93 A special study found that the] , * ♦ * ,* 

_•__i _ 1 ^ 


2Q0.S program 


has, experienced schedule slippage thalT^ 

; I i ? 


addition, cost overruns on the l b oo.^i procurfement mavexceed[ 

"" * —^j*^^^*** ♦ r __& - 


study found that: i) the _ 

effective oversight of the | I 2IJ05 pro gram; 2) A 'e| 


In 


(Poor comipunication and c oordinati on 
within the Tailored Access OperationsXTAOVo rganizatid n, which manages f b nd 

feiated efforts, have im peded the success of the f» ♦i nitiative. Specifically, the special 

t. Program Manager (^M^i lacked the authority needed for 


005 PM did not effectively 


jerigag e other TAD Offices, especially the | p rogram Management Office, in defining 

12005 requirements; and 3) Program progress was not always accurately assessed and 


reported to Agency leaders. 


Manaqer ffent A ction. (U) The TAO Group Chief has assumed the role of[ 

el I 


and realigned the 


PM organization directly un der her. She plans to formalize the 

jPeam structure to enhance 


PM 


communication, clearly define requirements, and foster teamwork within TAO and with the 
contractor. 

Overall Report Classification. (U) TOP SECRET//COMINT//ORCON, 
NOFORN//MR 

Category. (U) Acquisition Processes and Contract Management 


(U 1 

NSA/CSS IG;|_ 


n 


] 


Summary. -fS^A Joiirt Inspectors Gener al team concluded that implementation of 
the l ■ . I while progressing, got off to a poor start 

and is currently impeded by leadership disagreements and procedural differences between 
the pare nt Agencies. The directors of thg Agenc ies must ensure that senior leaders at 
I ja re fully committed to implementing th ^ I Specific findings of this joint 

review include the following.' 1) the four missions that have already transitioned to the 
I ^ r‘e beginning to produce the desired synergies; 2) while the four implementing 
document^ of spring 2004suffice in the shortterm, they d o not pro vide sufficiently 
detailed,, long-term directibil needed to tolly implement th ^ I concept and ensure 

productive and efficient operations; 3) seniqr leaders haye not resolv ed the le adership 
disagreements at the site, which stem frbm/widely diverging views o nj | 
implementation; and 4) officials need to resolve implementatiop-an’d procedural differences 
regarding fofeign partner itformation sharing^ ftindin§,.aiid’the management of human 
resources. *!. " •.*.*.•* 


(b)(3)-P.L. 86-36 
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(b)(3)-P.L. 86-36 


Management Action. (U) Management concurred with'the recommendations 
directed to their respective offices. A number of efforts are bnderway to implement the 
recommendations, and several actions have been completed. 

Overall Report Classification. (UJ«S£CRET//COMINT//TALENT 

KEYHOLE//NOFORN//25X1 .. * ‘ 

• . * 

Category. (U) Joint \Vaiffighting and Readiness 


M 


T 


NSA/CSS IG; INSCOM IG 




(b) (1) 

!(b)(3)-P.L. 86-361 


Summary. A Jo int Inspectors General team fro m INSCOM and NSA/CSS 


conducted an inspection at 


The team found problems jbat 


have a direct impact on the site’s effectiveness. The most significant issues facing thelsite’s 



[ The report has been provided for information purposes 
to appropriate NSA elements. The NSA/CSS OIG will follow up on many of the issues in the 
report during our 2005 joint IG inspection of [7 


Management Action. (U) Management concurred \vith the recommendations and 
is taking appropriate corrective action. 

Overall Report Classification. (U) SECRET//COMINT//MR 

Category. (U) Joint Warfighting and Readiness 


(U) Possible Violation of Federal Law; NSA/CSS IG; IV-04-0047; 28 October 2004 

Summary. ( U//FQUQ) Pursuant to a 1995 agreement between the Department of 
Justice (DOJ) and the agencies of the Intelligence Community, the NSA/CSS General 
Counsel referred allegations of possible criminal conduct by an NSA employee to the DOJ. 
The results of the OIG inquiry into this matter were also forwarded to DOJ. 

Overall Report Classification. (U) TOP SECRET//COMINT//X1 

Category. (U) Other (Intelligence Oversight) 

(U) Time and Attendance Investigations; NSA/CSS IG; IV-04-0056 

(16 November 2004); IV-04-0064 (5 November 2004); IV-05-0001 (22 December 2004) 

Summary. ( U//FOUO) -The OIG substantiated three Time and Attendance abuse 
allegations, wherein employees claimed hours in excess of those they were determined to 
have actually worked. In the aggregate, these cases will result in the recoupment of almost 
$20,000.00 in funds paid to employees for hours falsely claimed. Two of these cases were 
referred to the DOJ for possible prosecution for violation of 18 U.S.C. § 287 
and 18 U.S.C. § 1001. 


TO USA, AUS, CilM GBR, NZL//Am 
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Overall Report Classifications. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(all referenced investigations) 

Category. (U) Other (Fraud) 

(U) Misuse of Resources; NSA/CSS IG; IV-04-0054; 8 February 2005 

Summary. (U) The OIG substantiated an allegation that an Agency employee was 
using Agency computer systems to manufacture counterfeit rebate coupons for submission 
to commercial computer manufacturers for personal gain. Disciplinary action is pending, 
and the case was forwarded to the NSA/CSS Office of General Counsel for referral to the 
DOJ. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Other (Misuse of Resources) 
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Sf^CRLTim 


SEMIANNUAL REPORT TO THE CONGRESS 


For the Period October 1, 2003 Through March 31, 


2004 


(b)(3)-P 


(U) Meade Operations Center-Followup Inspection; NSA/CS^.I6f ^^36COM IG, 

IG, NSG IG, JT-03-0005, 3 October 2003 ‘ * 

• •** * 

_ Summary. (U/-/FOUP J .The fblTo.wtup’ifispection found that thef 

Ithe Meade'Operations Center, 

Od 


AlA 


L. 86-36 


] 


_'Ut was still awaiting a decision on its governance ^d its 

place in the organizational structure. Morale had improved under new, stable leadership. 
We recommended that the Signals Intelligence Directorate (SID) assign a suspense date to 
finalize its proposal for governance and to place an agenda item titled “Implementation 
Plan for MOC Governance” at the next Joint Issues Board Meeting. 

Management Action. (U) Management is taking appropriate corrective action. 


CAN, GBR, and NZL//X1 

Category. (U) Joint Warfighting and Readiness 

(b) (1) 

(b) (3)-P.L.; 86-36 



NSA/CSS IG, 

♦ 

♦ 

♦ 



Summary. -fS^-We visited selected 


sites to ensure 


regard for the law. We found that processes exist to validate that intelligence activities 
comply with the l aw; however, we also found four areas of concern regarding policies and 
internal controls:[^ 



Management Action. (U//FOUO) Management concurred with all 
recommendations and agreed to publish formal policies and agreements that reflect current 
responsibilities; incorporate OIG suggestions to improve the control environment; conduct 
rigorous security reviews—and act on the results; and ensure that valuable SIGINT assefs 
are both properly safeguarded and fully utilized. 

Overall Report Classification. (U) TOP SECRET//COMINT//RELTO USA, aTltS, 
CAN, GBR, and NZL//Xi - 

Category. (U) Joint Warfighting and Readiness 


(b) (1) 

(b) (3)-50 use 3024 (i) 
(b) (3)-P.L. 86-36 
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(U //rOUO) Deployment Services, Analysis and Production Directorate; NSA/CSS 
IG, IN-03-0003, 21 November 2003 


Summary. (U //FOUO) The Deployment Services organization in the Analysis & 
Production Directorate (A&P) was created to optimize agility in responding to rapidly 
changing intelligence needs. The organization also manages the training and development 
of the anal5'tic work force. We found that Deplo)Tnent Services did a good job of getting the 
right person in the right job at the right time—^particularly in a crisis—and had forged 
effective partnerships with the Associate Directorates of Human Resource Services 
(ADHRS) and Education and Training (ADET). However, workforce development needed 
attention from A&P leadership, starting with an analysis of future training needs 
engendered by new toolsets. Human resource databases, developed and maintained by 
Deployment Services staff, are labor intensive. PeopleSoft database services from ADHRS 
should eventually allow production personnel to concentrate on mission-centric work. 

Management Action. (U) A&P Directorate, Deployment Services, ADHRS, and 
ADET are taking corrective action on all of the recommendations. 


Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Human Capital 


(b)(3)-P.L. 86-36 


(U) Information Assurance Solutions DivisiOhl-YvJSA/CSS IG, IN-03-00Q9^ 
23 December 2003 ‘ ••• * 


* ■ • * 

Summary. (U //FOUO) The.InYortnattoiTTfesurance Directorate’s flAD)]" 


-- - -i- - -H ^ ^ * 

The'divisioif follows » well-documented process'and 
iiM praise from its chstomers reeardine risk managftm^i 


methodology, and earns high praise frqm its QhstQmers regarding risk managem ent. Th e 
inspection found that the division wagraccepting rnany projects that did not meet] ' 


requirements; in order to perform .testing, the | ■ | division had to do the customer’s work— 
a waste of Agency r.esources. Long lulls between projects were inefficient and'irustrating to 
the division’s cadre of technical.ej^erts. C.brrecting the problem depends on ^ ^ective 
lAD-wide requ irements and ppioritizatiomprocess and a mechanism to deploy! \ ^ I 
{skills where they are most needed. 


the 


Management Action. (Uftf^O H^The l I division has since been reassigned to 


as part of the LAD reorganization. This . ’. 


reassignment of the } p unction should resolve most of the concerns specific to the ) I 
division. The larger lAD issues are addressed in our special study on LAD Corporate Issues. 


Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
Category. (U) Information Technology Management (Systems Security) 
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(U) Ft. Gordon Regional Security Operations Center; NSA/CSS IG, INSCOM IG, AIA 
IG, NSG IG. JT-04-0001. 13 January 2004 


Summary. A joint inspection of the Ft. Gordon Regional Security Operations 
Center (GRSOC) by a team from the Service Cryptologic Elements and NSA/CSS found 
problems that directly affected the site’s etfectiveness and must be addressed at a high level; 
(i) assigning enough people and resources to accomplish the expanding mission; (2) 
acquiring space to accommodate mission growth and a continuity of operations facility; and 
(3) specifying which Headquarters organization is responsible for resolving field mission 
and support problems. The team also found two perennial problem s that are not confined 
to GRSOC and require innovative solution s by senior leadership: (1) 

K a) “Jointness Initiatives” are not getting the level 
of Higher Headquarters support needed for Success. 


Management Action. (U) Management is taking appropriate corrective action. 

Overall Report Classification. (U) TOP SECRETZ/COMINT/ZRELTO USA, AUS, 
CAN, GBR, and NZL//X1 

Category. (U) Joint Warfighting and Readiness 


(b) (3)-P.L. 86-36 


(U) Vulnerability Assessments Division; NSA/CSS IG, IN-03-0004, 23 Jcinuary 2004 

Summary. Vulnerability assessments are an important tool fo help protect the 
nation’s critical infrastructure of telecommunications and information^systems, per 
National Security Directive 42 (NSD-42) and Presidential Decision I^rective 63. The 
Vulnerability Assessment division is part of the Discover Vulnerabilities (DV) triad of 
services offered by LAD organizations; it performs high-level asses.sments that identify 
vulnerabilities in the operational information systems of DoD, Iijtelligence Community, and 
selected private sector customers. The inspection found that tl^e organization provides a 
valuable service and enjoys a high degree of customer satisfaction, but the workload, at the 
time of the inspection, was uneven and insufficient for the| [assignees. Moreover, 
information sharing with other Triad members and with the larger DV community is 
minimal. Two issues that contribute to the division’s workload problems are the absence of 
both a centrally managed LAD requirements process and a single codified management 
process for the triad of DV services. 

Management Action. (U) Management has already taken steps to improve its 
control environment, particularly in the area of time and attendance. Recommendations 
that require action above the Vulnerability Assessment division, symptomatic of larger lAD 
process and policy issues, are addressed in our special study on LAD Corporate Issues. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 

Category. (U) Information Technology Management (Systems Security) 


S- ECREWXl 

3 


Release: 2019-06 
NSA:08825 




Doc ID: 6672189 


■ SHCRETtm 


(U) Selected System Engineering Contracts; NSA/CSS IG, ST-03-0019, 
30 January 2004 


Summary. (U //FOUQ) This special study reviewedj 
contracts to ensure proper competition. We found that onl 


system engineering 
were sole source 
Act (CICA) 


l>f \ 

actions, and they were supported by Competition in Contracting,^ 
justifications and documentation. The remaining actions were ef^her 8(a) awards to 
small disadvantaged businesses, orders legitimately placed on pretjiously awarded 
competitiv e actions, or co mpetitively awarded contracts. We did identity potential 
issues withi [sole source contracts regarding questionable cost gro wth. 


continuing lack of competftkxn^ and failure to perform market researdi. Thesef 


contracts will be covered in a separate report. 

* * . * " 

’ Management Action. (U) The Acquisition organization and theX^ompetition 

Advocate recently took steps to make it more likely ^hat competition would be utilized to 

the maximum extent practicable. ' * •. ^ \ 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL-USE ONLY 

Category. (U) Acquisition Management 




(U) Information Assurance Directorate - Corporate Issues; NSA/CSS IG, 
ST-03-0016, 19 February 2004 


(b)(3)-P.L. 86-36 


Summary. (U //FOUO) Organizational inspections of three lAD divisions, two of 
which are summarized in this Semiannual Report (Information Assurance Solutions and 
Vulnerability Assessments) and one from the previous Report (Operational Network 
Evaluations) surfaced four common themes regarding lAD corporate functions that 
negatively impact the overall Discover Vulnerabilities (DV) activity. This study offered an 
overarching view of how DV processes are sometimes at cross-purposes with one another 
and recommended measures to align them with corporate lAD goals. Key findings of the 
study that warrant further corporate attention are: (i) a porous lAD requirements process 
that is not centralized and lacks sufficient corporate structure and oversight to ensure 
consistent handling of customer requests; (2) an ineffective, non-cohesive corporate 
marketing strategy; (3) lack of central management of DV activities; and (4) ineffective 
knowledge management. 

Management Action. (U) lAD leadership concurred with all of the 
recommendations and has begun to implement corrective measures to address the findings. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 


Category. (U) Information Technology Management 


(U) Summary of OIG Efforts Related to the Congressional Joint Inquiry Into 
Intelligence Community Activities Before and After the Terrorist Attacks of 
September 11, 2001; NSA/CSS IG, ST-04-0015, 25 February 2004 

Summary. (U //FOUO) The IG, DoD has started a review of the Factual Findings 
and Record of the “Joint Inquiry Into Intelligence Community Activities Before and After 


SECRETffXl 
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the Terrorist Attacks of September ii, 2001,” dated 10 December 2002. Specifically, 
Recommendation 16 of this report tasks the IG, DoD to review the findings and record of 
the Joint Inquiry “to determine whether and to what extent personnel at all levels should be 
held accountable for any omission, commission, or failure to meet professional standards.” 
On 12 November 2003, the Director, NSA wrote to the Congress in response to 
Recommendation 10 of the same report. His letter referred to a series of specific areas in 
which the Agency has been energetically responding to the issues that gave rise to the 
recommendation. 

(U) At the request of the DoD Deputy Inspector General for Intelligence, the NSA 
OIG summarized its efforts related to the Director’s response. Since 2001, about half of the 
OIG’s reviews, including inspections, audits, and special studies, have been germane to the 
Director’s response. The NSA OIG’s report summarized 55 reviews (over 40 completed) for 
the period 2001 to 2004. The OIG grouped the reviews into two categories: technological 
solutions and programs (includes research and technology initiatives, acquisition 
management, organizational transformation, and mission and systems security); and 
collaboration and information sharing (includes relations with partners and customers, 
and joint inspections with the service cryptologic elements). It should be noted that the 
summaiy of each review describes conditions as they existed at the time of the review. 

Those conditions may be, and in many cases certainly are, materially different as of the date 
of this Semiannual Report. 

Overall Report Classification. (U) TOP SECRET//COMINT/TALENT 



initial emergency supplemental, there was no formal process for developing and 
documenting this type of request and tracking the underlying requirements. Two factors 
made the task even harder: the Agency had only a short time in which to submit the 
requests, and DoD failed to issue specific guidance to supplement the general guidance 
published by 0 MB shortly after 9/11. The Agency’s situation was not unique; as reported by 
GAO, DoD’s failure to issue specific internal guidance caused uncertainty on appropriate 
uses of the emergency funds throughout its components. For the second supplemental, we 
encountered difficulty in completely tracking the actual expenditure categories in the 
accounting system to the requirement areas because the reporting “categories” did not 
correlate. 


OECREWXl 
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Management Action. (U //FOU 0 ^ Since the current administration plans to 
continue funding the war on terrorism through supplemental appropriations, it is 
important to have an efficient process for managing them; it should facilitate accurate 
accounting that tracks how funds are used to the approved requirement. DF recently 
developed a template (including description, justification, requested funds, initiating 
organization, and point of contact for documenting each requirement in a supplemental 
request) to standardize Agency requests for supplemental appropriations. Properly used, 
the template should ensure that requirements are documented and trackable, which will 
help maintain the Agency’s credibility with Congress. 

Overall Report Classification. (U) SECRET//X1 

• ••***•* 

Category. (U) Financial Management ’ 


(b)(3)-P.L. 86-36 


(U1 Reoort of Inauirv: Usefu 

Lness *oT 1 


1 ^- 


Analysis; NSA/CSS IG. 


Summary. -fist In August 200.^, an analyst alleged that he published a report in 

_and that the report's 

The analyst 


editing resulted in the deletion of a significant amount of information. 
believed that the deleted inforrn ation would have been useful to otlier analysts 

Our inquiry concluded that the editing was performed in 


accordance with established policies’and-proQedures regarding sanitization of reports 
containing sensitive information. Additionally, the'dfeleted-information was retained for 
potential future use. .. 


Overall Report Classification. (U)TOP SECRET//COMINT//X1 
Category. (U) Other 


(b) (1) 

(b) (3)-50 use 3024 (i) 
(b) (3)-P.L. 86-36 


(U) Access to Signals Intelligence Databases; NSA/CSS IG, IN-04-0001, 

11 March 2004 

Summary. (U // ' FOUQ) A key NSA goal is to share information in Agency databases 
more freely among all parts of the extended enterprise and with Agency customers. Just as 
this inspection commenced, the Signals Intelligence Directorate (SID) announced a new 
policy for gaining access to these databases. As a result, we curtailed the inspection but 
made recommendations to ensure that access requests are handled in accordance with the 
new transformation goal. We found that SID’s efforts to streamline database access had 
gathered considerable momentum. 

Management Action. (U //FOUO) T o sustain this momentum, SID officials agreed 
to publish a policy framework to guide those who make mission-related decisions on 
whether to grant access to SID databases; document the main steps in the new process, 
along with time limits for each step; and spell out the authorities, roles, and responsibilities 
of all parties involved in processing requests to access SID databases. 

Overall Report Classification. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 

Category. (U) Joint Warfighting and Readiness 
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(U) Possible Violations of Federal Law, NSA/CSS IG, IV-04-0003,12 March 2004 

Summary. (U //FQUO j Pursuant to a 1995 agreement between the Justice 
Department and the agencies of the Intelligence Community, we requested that the NSA 
General Counsel refer to the General Counsel of another Intelligence Community agency 
allegations of possible criminal misconduct by an employee of that agency and the results of 
our inquiry. 

Overall Report Classification, (U) TOP SECRET//COMINT//NOFORN//X1 

Category. (U) Other 


(U) Time and Attendance Investigations, IV-03-0022 (12 December 2003), 
IV-03-0047 (9 December 2003), IV-03-0059 (5 February 2004) 


Summary. ( U//FOUO^T ’he OIG substantiated three separate and substantial 
“Time and Attendance Abuse” allegations where employees claimed hours in excess of 
what they actually worked. Combined, these cases will result in the recoupment of 
almost $30,000 in funds paid to employees for hours falsely claimed. One of these 
investigations uncovered rampant timecard abuse in one particular Agency organization 
and resulted in findings against six of that organization’s employees. 


Overall Report Classifications. (U) UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(all three investigations) 

Category. (U) Other 


(b) (3)-P.L. 86-36 


(U) Attack Sensing and Warning Progrqm; NSA/GSS IG, AU-O3-OO03, 24 March 2004 

. • ' ' • 

Summary. -fS)-The purpose of th^Attack Sensing & Warning (AS&W).program is 
to detect unauthori^zed intrusio ns or ma licious attacks on DoD systems and net works. 

The au 4 i t lobked at the Agency’s ^ajor AS&W projects. We found that thi^ 


program has never undergone the type of independent formal review required by 


DoD and NSA acquisition regulations. Furthermore, no one has determined when 
future program capabilities will be fielded and how much they will cost. The audit also 
found that the Defensive Information Operations officials have no formal process for 
passing research and development (R&D) topics or requirements to the Defense 
Computing Research Office. 


Management Action. (UZ/POUf)) Management has agreed to place the AS&W 
program in the appropriate category, schedule a milestone review, conduct Operational 
Testing & Evaluation, and coordinate R&D efforts with the Defense Computing Research 
Office to share information and avoid duplication of effort. 

Overall Report Classification. (U) SECRET//NOFORN//X1 

Category. (U) Other (Major Acquisition Program) 
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(b) (1) 

(b) (3)-50 use 3024 (i) 
(b)(3)-P.L. 86-36 


(U) Counter Encryption Programs; NSA/CSS IG, AU-03-0002,-31 March 2004 

Summary. ”tS) The purpose of the audit was to determine" if a counter encryption .* 
program is capable of meeting current and projected customer requirements to counter .* 
specific instances of strong encryption] [• 


Management Action. (U) Management concurred in the recommendation to 
complete the necessary program documentation and to provide it to the MDA at the 
scheduled interim review date of April 2004. 


Overall Report Classification. (U) TOP SECRET//COMIlsrT-ECI-KES//Xi 


Category. (U) Other (Major Acquisition Program) 
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(U) OFFICE OF THE INSPECTOR GENERAL 


(U) Chartered by the NSA Director and by statute, the Office of the Inspector General (OIG) conducts audits, 
investigations, inspections, and special studies. Its mission is to ensure the integrity, efficiency, and 
effectiveness of NSA operations, provide Intelligence Oversight. protect against fraud, waste, and 
mismanagement of resources by the Agency and its affiliates, and ensure that NSA activities comply with the 
law. The OIG also serves as an ombudsman, assisting NSA/CSS employees, civilian and military. 

(U) AUDITS 

(U) The audit function provides independent assessments of programs and organizations. Performance audits 
evaluate the effectiveness and efficiency of entities and programs and their internal controls. Financial audits 
determine the accuracy of the Agency’s financial statements. All audits are conducted in accordance with 
standards established by the Comptroller General of the United States. 

(U) INVESTIGATIONS 

(U) The OIG administers a system for receiving complaints (including anonymous tips) about fraud, waste, 
and mismanagement. Investigations may be undertaken in response to those complaints, at the request of 
management, as the result of irregularities that surface during inspections and audits, or at the initiative of the 
Inspector General. 


(U) INTELLIGENCE OVERSIGHT 

(U) Intelligence Oversight is designed to ensure that Agency intelligence functions comply with federal law, 
executive orders, and DoD and NSA policies. The Intelligence Oversight mission is grounded in Executive 
Order 12333. which establishes broad principles under which Intelligence Community components must 
accomplish their missions. 


(U) FIELD INSPECTIONS 

(U) Inspections are organizational reviews that assess the effectiveness and efficiency of Agency components. 
The Field Inspections Division also partners with Inspectors General of the Service Cryptologic Elements and 
other IC entities to jointly inspect consolidated cryptologic facilities. 
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(U) A MESSAGE FROM THE INSPECTOR GENERAL 




) 

I 


(U) This report summarizes the more significant activities of the Office of the Inspector General (OIG) of the 
National Security Agency between 1 April and 30 September 2011. The report is mandated by the Intelligence 
Authorization Act of 2010. 

(U) During the reporting period, the NSA OIG completed 59 audits, inspections, special studies, and 
investigations. 

(U) The Audits Division completed five audits ranging from Information Technology to federal compliance to 
operations. 


1 


(U) The Inspections Division c ompleted reports o n two joint inspections of 
expeditionary operations review of | . 

(U) The OIG completed five special studies of operations and intelligence oversight. 


NSA field sites and one 


(b) (3)-P.L. 86-36 


I (U) The Investigations Division fielded 571 contacts from the OIG Hotline. The team opened 53 investigations 
and closed 46 in the reporting period. 


(IJ) The office also completed internal quality assurance reviews of the Joint Inspection program and the 
Ibl low-up process. 


I (U) Each report and special study contained recommendations on which the OIG and NSA management 

i concurred, recommendations designed to improve the efficiency and effectiveness of the programs under 

review. The OIG tracks recommendations until they have been implemented and regularly reports to the NSA 
, Director on the status of open recommendations. Of the 213 recommendations issued in the reporting period. 
36 have been closed. 



George Ellard^ 
Inspector General 
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(U) SIGNIFICANT PROBLEMS, ABUSES, AND DEFICIE NCIES 


(b)(3)-P.L. 86-36 


(U/.^QU0) OIG work during the reporting period did not reveal any particuLarly *^0us or flagraiht 
problems, abuses, or deficiencies related to the administration of Agency prograink'and operations 
requiring immediate reporting to the Director and to CongreSs.’ . • \ 

(U^^EOJyO) Completed reports did identify P [ significant problem’s relaW Jb Agency operatioijg and 

made appropriate recommendations. Agency managers agreed ^\Vith ah i;ecoifwnendations; however. 

corrective action plans were not provided for one of the! [significanit retommendaiions. 

*-' 

(U) Audit of Agency Controls for| flT.H.iIrdware PiM*chases (29 April 


(U) Audit of Agency Controls for| | IT. Hardware PiM*chases (29 Apr 

2011 ) 

♦ ♦ • ■ ■ ■ 

(U// FOU 0) The audit concluded that the Agency’s Supply Chain Risk*Management (SCRM) stratedy 


♦ ♦ . 

(U) The audit included three significant recommendations: .♦ . 



(U) Audit of Nuclear Command and Control (NG2) (23 September 2011) ^ ! 

(UZ/e©ye)*f he NC2 program | 7 i 

f Since 2003, approximately ! f reconunendations related to NC2 have been made by auditors 

and vulnerability assessment teams. The focus.bf the current audit was to ensure that ajitions taken 
satisfied previous recommendations. In addition, the audit reviewed new problems discovered since the 
2006 OIG audit. 

(T9//N F) The audit revealed that all but | [recommendations have been adequately closed. Key 
recommendations from 2005 dealing with| • 

m 

I Appropriate corrective action hajs been taken for 

—I 

• ♦ 

(U) The audit made two significant, recommendations; *. *. ' 

* . ♦ 

• (U/ /FOU O) Complete the testing and approval requirements for the accountabilit y system to 

provide 100 percent assurance ofthe | •.. •, [ 

• (AWF)| * • . . 


and establish a timeline tor completion. (Management did not 
provide a conective action plari for thas-recoiniiiendation.) **•.•. 

. X _ 

(b) (1) 

(b) (3)-50 use 3024 (i) 
(b) (3)-P.L. 86-36 
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(TInTOTTfr) Special Study of Non-Traditional Dissemination Methods: Dissemination Strategy 
Evaluation (28 September 2011) 


(UjJiQUO) Since 2011. NSA has worked to address the challenges and opportunities presented by a 
Presidential call for increased information sharing. Various non-traditional dissemination methods have 
been implemented to facilitate that effort. The review, which focused on select processes and tools that 
analysts use for non-traditional dissemination, revealed that the Signals Intelligence Directorate (SID) 
does not have a comprehensive disseminati on plan an d that the Directorate’s implementation of the IC- 


wide information-sharing system known as 
limitations on its use. . 

(TIi'iTOTlf’t) The report made three significant recommendations: 


resulted in confusion and overly restrictive 


(b) (3)-P.L. 86-36 


(T I/iTDI Iff) Conduct a strategic review of dissemination policy and create a comprehensive 
dissemination plan. .• 

(UiiJTOU0) Re-evaluate the internal controls used for 
NSA/CSS participation in the tool. 

(UZZEO^) Update the 


and the operating principles for 


and announce the new guide to the 


analytic workforce. 


(UAflTOUO) SID took immediate steps to implement the two recommendations related to 
they have been closed. 


and 
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(U) AUDITS 


(U) Audits Completed in the Reporting Period 


(b)(3)-P.L. 86-36 


(U) Agency Controls for| |lT Hardware‘l^^ases (29 April 2011) 

(U/i/TiOL40) Because of the growing reliance on globally sourced Ir;formatij)n,'Technology. (IT), Agency 
systems and networks I ' i 



(U) NSA Police (NSAP) Operations (9 May 20Jij O .* .* /; •*; I! 

(UZZBOyO) Controls over NSAP equipment, inventorie6**naust,be tiglitenefl.’ anc£ NSA needs a formal 
agreement with Fort Meade for Vehicle Cdrgo Inspection Facility (VCIF)‘seryijces. NSAP managem^t 
lacks a process to determine needs fo^ operational, squipm^t apid.Supplies. As ;a result. Agency funds 
are not used economically and efficiently and ioWntcrry r ecords are inaccurate, 

_ .* Th e* Agency S pends more than | ~[ a| 

year in salary expenditures | | K-9 teams) approximately | ♦ N SA 4nd Fort Meade vehicle and 

cargo inspections. The Agency must forn{dlizq*the VCIF (^efation agreement with Fort Meade to • 
ensure a clear understanding of roles ^d*resp6nsibilities. referred this matter to the Office of ! 
General Counsel for review. .*.*.* .* * 

* * * •* . • • 

(U) NSA/CSS Compliance witb'tfie Federal Informa’tioyn Security Management Act (FISMA) ] 
(13 September 2011) .*♦* .* ;* * .* ; 

• * • • • • ^ 

(T Ii'iTOT 1ft) FISMA requires <neasqfements of the adequacy and effectiveness of the federal 

government’s information.securit;^ environment and systems that operate within that environment. The 
audit details the Agency.’s effoctS during the p ast..VeaK‘to improve IT'processfes and track Agency and 
system weaknesses..•More wofk must be done| ;* .* ‘ ■ 


(U) Nuclear Command,'and Control (NC2^ (23-September 2011)* 

(UiZEOW^’The NC 2 .t)rogram | ? : ^ 

f Since 20p3. approximately ! J recoftimendations related to NC2 have been made. We 
concentrated onl^previous recommendations that we determined to be the most relevant. The focus of 
the current audit was to ensure that acti.Ons taken satisfied previous recommendations. In addition, the 
audit reviewed new problems discovered since a 2006 OIG audit." 

(¥&WF) The audit revealed that all iDut I Irecommendations hafve been adequately closed. Key 
recommendations from 2005 dealing with) • j 




corrective action plans tor 




recommendations but did not provide 
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(b) (1) 

(b) (3)-P.L. 86-36 


(U) Significant Recommendations Outstanding from Previous Semi-Annual 
Reports _ 

(U) Audit of Cross Domaiu Solutions (CDSs) (23 June 2010) 


(U/,1^101,40) The audit objective was to determine whether CDSs effectively and efficiently protect ‘ 
Agency networks. A CDS is a controlled interface that allows the secure transfer of data between • 
domains with different security levels (e.g.. Top Secret to Unclassified ). 

I SZ/PiEL TO UCA. F\TIV ) Finding Agency CBSsP" 


(U /tfOU Q) Recommendation Improvej" 


kgency CDS operations 
[for all operational CDSs. 


UPDATE: A solution is in development’. This recommendation remains OPEN. 


* ■ 

(U) Audit of Mission Assurance Contin^iity of Operations Compliance and Testing (17 August 
2010) 


(UiZrOUQ) In August 2008. NSA identified 14 Mis sion E ssential Functions (MEFs) that must be 
performed in all circumstances. As of August 2009. | ^ j Agency organizations had been identified as 
being responsible for performing essenti’at tasks that support one or more of the 14 MEFs. 


(C/iTlEL TO UOA. FWV) Finding A small percentage ofthe j [ organi zations maintained complete. 
updated, and operationally tested Continuijty of Operations (COOP) plans. 


• ■ 

(U^JEOWO) Recommendation Track organization compliance in developing comp/ete COOP plans and 
performing annual updates and testing. UPDATE: Akhjfugh only a small percentage ofGOOP plans 
have been updated and tracked, this action'has been giv^ high priority. This re 90 mmendation remains 
OPEN. 


(U) Ongoing Audits 


(b)(3)-P.L. 86-36 


(b) (1) 

(b)(3)-P.L. 


86-36 


(U) NSA/CSS Wireless Networks and Devices 

(U) The audit objective is to assess Agency controls for protecting against unauthorized operation of 
wireless networks and devices within NSA/CSS and to assess Agency wireless implementation 
initiatives. 


(U) High-Performance Computing 

I 

(U) The audit objective is to evaluate the contracting process of the High Performance Computing - 
Special Program Office. 

(U) Information Sharing 

(U) The audit objective is to review Agency effectiveness in sharing cyber threat and vulnerability 
information with other IC agencies in accordance with the Comprehensive National Cyber Initiative. 
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(U) Acquisition Security Process 

(U) The audit objective is to determine whether the acquisition security process effectively and 
efficiently mitigates the foreign ownership, control, or influence and counterintelligence risks of Agency 
IT purchases. 

(U) ARCANAPUP Modernization Effort 

(U) The audit objective is to determine the effectiveness of ARCANAPUP in meeting program goals. 


(U) General Application Controls for Agency Payroll, Human Resources, and Contracting 
Systems 


(U) The NSA Comptroller requested that we review the Defense Civilian Payroll System, the Human 
Resources Management System, and the Contracting Management Information System. The audit 
objective is to assess the general and application controls of these systems. 


Jprogram 


(I [liTOI The audit objective is to determine whether the[ 


(b)(3)-P.L. 86-36 


T^user. 


Interface meets-customer 


needs and whether its implementation is in compliance with Agency acquisition policies. 


(TT//FOTIfl) NSA/CSS Compliance with the Federal Informatipu* Security Management Act 
(FISMA) 

♦ * 

(U) In accordance with Office of Management and Budgqt*guidance, we will assess the overall 
effectiveness of Agency information security policies.^ procedures, and practices. Our report will be 
forwarded to the ODNI Inspector General for consolidation and reporting to legislative committees. 

♦ 

♦ ■ 

(U) Price Reasonableness Determinations for Agency Contracts 

♦ ■ 

(I Ii'iTiOT Ift') The audit objective is to det^ermine whether the Directorate of Acquisition cofnplies with 
Federal Acquisition Regulation requirements for determining price reasonableness and N6A/CSS Policy 

8-4, Competition in Contracting. , ♦ 

♦ ■ 

(Tii'iTOTIO) The j [ program 

The audit objective is to assess the privacy of data collected b\ J I and validate 

that Personally Identifiable Information is adequately safeguarded from unauthorized access. 


(U) Export Controls 

(T I/iTOT Iff) The audit objective is to determine whether NSA’s export control process complies with 
laws, regulations, and authorities. 
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(U) INSPECTIONS 


(U) Inspections Completed in the Reporting Period 


(U) Joint Inspection ofNSA/CSS Hawaii (NSAH) (29 April 2011) 

(T Ii'iTOl TH) This inspection was conducted from 24 January to 4 February 2011. The site is led by a 
commander who emphasizes integration and collaboration with the Service Cryptologic Component 
commanders. The workforce is generally positive toward mission, but some are dissatisfied with the 
watch schedule, ineffective communication s across the chain of command, and the overwhelming and 
conflicting nature of dual responsibilities (i.e.. Joint and Service). Site leadership is heavily engaged in 
the simultaneous transitions of host responsibilities to NSA/CSS and mission to a new building, causing 
gaps in mission expertise. Lack of a comprehensive financial picture and centralized manpower- 
tracking tools inhibits efficie nt use of resources and affects numerous programs that require accurate 
manoower and resource data. 


■(U) Joint Inspection of.NSA/CSS 



U/ ^Ql^ ) This inspectiofi.Vas conducted from 2 to 13 May 2011. NSA/CSS 

l^and enabling organrzations located at the l | arelchallenged ! . 

with a | ♦. ♦ ♦ Staffing is adequate to meet responsibilities, although; ; 

competing ptiorities at times stretch the staff ta their limits. Military/civilian relatioriiships are good, and 
the enabling organizations are custolner focused".. The overall climate is positive. ; ! ! * 

(U/ /rOUQ) | \\ *♦ is focused on mission success, liowever, there’are 

a number of qual ity-of^hfe challenges, r^^ing froirt.facilities conditions to limited wqrk apace to distent 
support services. | ♦ . * ’ 



(Ui/TOU^_^has strong leadership that Wj made pbtshive improvements to morale.'. The command 

climate at | |^ is strong. There is a cle ar unde rstanding csfthe mission, and military/ci^Jillan 
relationships arelpositiver -Xhe Director . I I although relatively-new, has had a positive! effect onthlei 
site and projects a clear visipn of where | |m tist go m the future.*‘He has been a catalyS for positive; 

* • • * * . * • . * ‘ * • *♦ ’! 


change. 


(U) Expeditionary Operations Review (EOR).qf | .,*♦.**♦*. * 
(I M i 'QU O) The FOR Team reviewed mission operati6tls*an^fC) at 


^(2.8 September 2011) 
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( S/i([lEL TO UGA. FVE¥ ) The CST and CSGs work closely with their customers and the extended 
enteiprise to anticipate, identify, and satisfy support requirements. Knowledgeable customers 
understand the contribution of Signals Intelligence (SIGINT) to operations and point to individual and 
team behaviors when evaluating the success of CSGs orCSTs. 

(Ui4 FQU 0’) Site mission, functions, tasks, authorities, and differentiation from supported commands’ 
organic SIGINT resources must be documented, and NSA/CSS Washington must provide reporting and 
sanitization Standard Operating Procedures. NSA/CSS should determine the feasibility of participating 
in supported element pre-deployment exercises and obtain supported commands’ post-deployment 
feedback. 


(U//POUO) 10 training and database access must be included on the deployment checklist. Officers in 
Charge need better guidance on how to perform O functions, and guides that detail processes and 
procedures must be developed. | 


• • • . 

(U) Significant Recommendations Outstanding•frocn Previous Semi-Annual 


Reports 


(b)(3)-P.L. 86-36 


*♦1 


♦♦t ♦ 

4 ♦ « 


(U) Joint Inspection of j 

(U) FINDING: Fire Suppression System Lacking. 

(U// yOUO ) Lack of a fire suppression systenr m ] . ’ i seriously d egrade; 

to protect life and critical equipmepU 'This deficiency'whs iijjfially identified during a| 
Inspect or General inspectio a arid was noted.dgatVi-- 


. . 1(17 Noveanber 200 8 

t" 


Survey f 


I * * * 

Overall stewardship 


n’i p’an NSA 
orf /[fa 


the^ability 
omt*. 

Occupatioiial Health ^nd Env irodmdntal 


:^rade^ 


facilities is thb responsibility of| 


I .•*,.♦•**** ♦* * I Planning, for fire suppression 

system installation ! . ♦ * ‘ * j* hpwever. no»stakeholder agencies committed the needed 

fijnding. Although it re named*h criticaf safety deficiency, no further progress was^ma de untiP 


% 


installatioiT 


tho’Directoi:.*NSA emph asized the need to complete the action. 

contracted for system design, followed 
A projected & 
Jai 




I I contracted for system design, followed by a phased 

mpletion date of 
^and possible delays 

in g etting supplies nee ded to complete the installation. UPDATE: The projected completion date is 
still I f Disruption of supplies was minimal, and the contractor made changes to the work 

sch^ule to compensate for delays. 


^ ♦ [ using coagolidated crypto logic program funding. 
Jremains.tentative because of[ 


(U) Multiple Joint Inspections from FY2005 to FY2010 Regarding USSID CR1200 

(C/iT\EL TO U0 j\. r\T: - ¥ ) USSID CR1200. Concept of SIGINT Support to Military Commanders. 
provides policy and guidance on SIGINT support to military commanders and operations. Published in 
1998, this United States Signals Intelligence Directive (USSID) is severely outdated, contains obsolete 
ftmctions and terminology not used in current military doctrine, provides no Higher Headquarters 
template for present-day Military Operations Integration, and does not establish standards for 
expeditionary SIGINT support for ongoing military operations. This significant deficiency was noted as 
a finding in inspection reports encompassing ) "iG lobal Cryptologic Enterprise Sites beginning in 
FY2005 and continuing to the present. An NSA/CSV action element is leading a working group with 
stakeholder participation to draft a new USSID as recomnlenfled in this inspection report. The action 
element determined that other supporting policy documents must.first be updated; there is no estimated 


(b) (1) 

(b) (3)-P.L. 86-36 
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completion date for this critical document. UPDATE: SID is developing a plan but intends to cancel 
this USSID. This recommendation remains OPEN. 


(U) Ongoing Inspections 
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(b) (3)-P.L. 86-36 


(U) SPECIAL STUDIES 


(U) Special Studies Completed in the Reporting Period 


(b) (1) 

(b)(3)-P.L. 86-36 


(' ftl//0I//I'Jr) NSA Controls to Comply with the Foreign Intelligence, Sui^eihance .Court (FISC) 
Order Regarding Pen Register and Trap and Trace (PR/TT)*Devices‘(15 April 2Q11) 

(' TB//0I//? i lF ) This review was conducted to deterjtune* whether‘the controls tested as part of a 20)0 year¬ 
long review of NSA compliance with spven‘provisions .of the Business Records (BR) Order were 
ad equate to provide reasonabl.e .as surance of com pliance with similar provisions of the ‘PR/TT Order. Of 
the) HQueries m ade‘b*etween | j ^the date when the FISC signed PR/Tt ] | apd 

I T no errors or instances of non-compliance were found with the five provisiems of the 

PR/TT Order related to querying that were tested. These controls therefore were judged to be adequate 
to provide reasonable assurance of compliance with the Order. Although we intended to test HSA 
compliance with two additional provisions related to dissemination, we were not able to becaus e NSA 
did not issue serialized SIGINT reports that contained PR/TT-derived [ during 

the test period. 

(J£iiV0L';W) NSA Controls to Comply with the FISC Order Regarding Business Records (25 May 
2011 ) 

(J SiVDI/ZI i ff ) This report summarizes the results of our audit of NSA controls to comply with the FISC 
BR Order. From January through December 2010, we conducted monthly tests of NSA compliance 
with seven provisions of the BR Order to determine whether controls were in place and operating as 
intended. Querying controls were adequate to provide reasonable assurance of compliance with the five 
provisions of the Order we tested. Manual controls over the dissemination of serialized SIGINT reports 
and the compilation of the Weekly Dissemination Report were inherently risky but manageable. The 
manual dissemination controls will be increasingly difficult to manage if the amount of information 
disseminated outside NSA increases. 

(U) Review of Attrition of| 

I ~|( 26 May 20Tn I 

fTT/ZFOTTO) Thr Director. NSA requested that the OIG review factors influencing recent attrition of 




Betwefen February and March 2011. the . 


resigned in lieu of te rminatipn onj __ • I were considered important to 

mission. Ijecause it takes i |t otraina replacement capabl e of perform ing at thq.'level 

orm5se wjip have* left.. However, the overall mission impa ct of the depart edj | was consider ed 

minim al and under cojitrol.* To mitigate future Iqs^ ofthese f- * . /I Ihe 

I w ith Human Resouffces. assistance,, is consid'eri^g.aw^dmglretention tfoplises to ensure,;fhat tne 
Agency’reefeives a teturn on its ihve'sttnent.* • . ***•’.! 
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(TTi'iT'OTTft) Non-Traditional Dissemination Methods: Dissemination Strategy Evaluation 
(28 September 2011) 

(T II'iTOTIft) Various non-traditional dissemination methods have been implemented to address the 
challenges and opportunities presented by a Presidential call for increased information sharing. The 
review, which focused on select processes and tools that analysts use for non-traditional dissemination, 
revealed that SID does not have a comprehensive dissemination plan. 

(U) Significant Recommendations Outstanding from Previous Semi-Annual 
Reports _ 


(U) Data Sharing with Third-Party Partners 

(Ui^ZEOy©) NSA’s Third Party partners are nations other than Australia. Canada. New Zealand, and the 
United Kingdom with which the U S. government has national SIGINT arrangements. The purpose of 
the review was to det ermine whethe r policies and procedures are in place to ensure compliance with 
authorities for sharing! I with Third-Party partners. 


(UiZrOUO*) Finding Documentation fof i« ^ disseminated to Third ;Party partners is not 

centrally maintained, retrievable, or current.* ^ 

(TL'iTOUft) Reco mmendation The Foreign Affeirs Directorate (FAD) shoul'd establish a repository for 
documentation of | [ shared with Third-IP^y partners and add this as a Director of Foreign 

Affairs responsibility inNSA/CSS Policy 10-1. UPDATE: F.(UD has established a repository but has 
not updated documentation. FAD ha*s‘bjgen asked to update NS.^CSS Policy’.1-10 with the statement 
that the Foreign Affairs Director shall maidtaiii a central repository, on its database system for Third- ; 
Party information. **., 

(€ 7 ' >‘ RCL to USA, F\^EY ) Finding SID’s disseminatioh*cif *. *. to Third-Party partners lacks 
adequate controls. 
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(b) (1) 

(b)(3)-P.L. 86-36 


Recommendation Review and revise lhe*2007 oversight process for disseminating 
I h o partners, including saijipling’pYdcedures. Inform the workforce of the revised process. 


. • • .V- 

R ectnqnrehdation Establish a standard process for handling all| 

I I UPDATE; SID has developed a process but has not formally approved or communicated it to 


the workforce. 
(LUZFOfeie) 


(UATOTIf)) After the 11 September 200rt€irorisf attacks on the United S tates. NSA establ ished* a 

Since then. ! | has undergone 

several reorganizations; most recently. ! ^ ecame ao element of the SlGINT Development Strategy 
and Governance organization. * • . , *♦ ' | 

□ **** * * • • 

lacks essential authorizing mission.docmji'entation*and standards. 

'"***■ ****** * 

(C//PdEL TO USA. FVEY) RecommerirfatioD -EubUsh and publicize the.fmssiohs ahd functions' o ^ | 

field sites, clearly defining the division of effort , prioritization, "measuies .ofsriccgss.* and roles and 
responsibilities of personnel. UPDATE: I Ii s making slow progress. * ~ 

(TTi'iT'OTIft) Finding | | lacks an 10 program. 


(b) (3)-P.L. 86-36 


(U// FOUQ ^ Recom ineiidation- Designafe'ah t' ' ' H O Officer focused on kO standards and practices to 
establish an | | SOP that clearly delineates the standards for acpeptihg. Jeading/processing. storing, 
reporting, and queiying data associated with U.S. persons in-a'cc^rdagee* with DpT) Regulation 5240.1-R 

and other regulations and instructions. UPDATE: | j is making slow progress. 

♦ • 

* 

(U) Ongoing Special Studies ♦ • */ 


♦ • , 

(TTjjTOTTO) Management Controls to Implemedt the Foreign Intelligence Surveillance Act (FISA) 
Amendments Act of 2008 

♦ • 

♦ • 

(IMiQUO') The objective of this study is to determine whether NSA co.fttrols are adequate to-provide 
reasonable assurance that NSA cpmplies with the terms of the FISA Amendments Act. 


]fisa 


(UiiFODQ) Computer N efwork Exploitation by I ? 

I - _c_ 

(T Ii'iTiQI It°i) Till nhjrrli r of this study is to evaluate I 
operations for compliance with national and NSA policies and procedures. 

• 

NSA Controls to Comply with the Foreign Intelligence Snrveillance Court Order 
Regarding Business Records Retention 

_ • 

(TO/ZOI/iT ^ iP ) The objective of this study is to determine whether NSA controls are adequate to provide 

reasonable assurance that NSA complies with the terms oftTiie FISC Order for BR retention. 


(U)[ 


^c//gT//pig] ^ TO USA, FVE¥ ) The objective of this study is to review recent 
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(U) INVESTIGATIONS 


(U) Summary of Prosecutions 


(U) Indictment 

(U) In May 2011. a federal grand jury indicted three family members for conspiracy to commit wire 
fraud arising from a fraudulent billing scheme on an NSA contract. The defendants, all former officials 
of an Agency contractor, are alleged to have instructed employees to inflate the number of hours spent 
working on NSA contracts and. in some cases, to claim time spent working on NSA contracts when in 
fact they had not been. The indictment seeks forfeiture of $1,455,174. believed to be the amount of 
payments fraudulently received from NSA. 

(U) Sentencing 

(U) In June 2011. a former Agency employee was sentenced to 18 months in prison followed by three 
years of supervised release for conspiring to obtain payments in return for taking actions as an NSA 
official and for making false statements to conceal the illegal payments from the Agency. The former 
employee was also ordered to serve six months of the supervised release in home detention with 
electronic monitoring and to perform 100 hours of community service and pay a $15,000 fine and 
$4,929.90 in restitution within 60 days. In the same case, two officials in a private company, who had 
made the improper payments, were also sentenced: one to one year and one day incarceration and three 
years of supervised release and the other to six months in prison followed by one year of supervised 
release. The company was also ordered to pay a fine of $130,000 and restitution of $104,989.84 (which 
has been paid in frill). 

(U) In September 2011. a former NSA contractor employee was sentenced to five years of probation, ten 
months of which is to be served in home detention with electronic monitoring, for making false 
statements in connection with labor hours claimed on an NSA contract. The former contractor employee 
was also required to pay restitution of $108,780.46, which represents payment for 836 labor hours not 
actually performed. 

(U) Referrals_ 


(U) The U.S. Attorney’s Office in Baltimore, Maryland, is considering a contract labor mischarging 
case. The dollar amount is approximately $49,000, representing approximately 677 falsely claimed 
labor hours. 

(U) OIG Hotline Activity_ 


(U) The division fielded 571 contacts from the OIG Hotline. The team opened 53 investigations and 
closed 46 in the reporting period. 
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(U) INDEX OF REPORTING REQUIREMENTS 


(U) 


I IG Act I 

Reporting Requirement 

i Page | 

§5(a)(1) 

Significant problems, abuses, and deficiencies 

1-2 

§5(a)(2) 

Recommendations for corrective action 

1-2 

§5(a)(3) 

Previously reported significant recommendations not yet completed 

4, 8-9, 12-13 

§5(a)(4) 

Matters referred to prosecutive authorities 

15 

§5(a)(5) 

Information or assistance refused 

N/A 

§5(a)(6) 

List of audit, inspection, and evaluation reports 

19 

§5(a)(7) 

Summary of significant reports 

1-2 

§5(a)(8) 

Audit reports with questioned costs 

21 

§5(a)(9) 

Audit reports with funds that could be put to better use 

23 

§5(a)(10) 

Summary of reports for which no management decision was made 

N/A 

§5(a)(11) 

Significant revised management decisions 

N/A 

§5(a)(12) 

Management decision disagreements 

N/A 


(U) 
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(U) APPENDIX A: 

AUDITS, INSPECTIONS, AND SPECIAL STUDIES 
COMPLETED IN THE REPORTING PERIOD 


(U) Audits 


(U) Information Technology 

• (U) Agency Controls for[ 


^IT Hardware Purchases 


• (U) Nuclear Command and Control 

(U) Federal Compliance 

• NSA/CSS Compliance with the Federal Information Security Management Act (FISMA) 

« 

(U) Operations 

• (U) NSA Police Operations 

(U) Inspections_\_ 


(U) Joint Inspections 

• (U) NSA/CSS Hawaii 

(u/^iiewTr^U) NSA/CSS Europe, 


(U) Operations 

• (U) Expeditionary Operations Review of |, ♦ * 

(U) Special Studies_^*_ 


(b)(3)-P.L. 86-36 


I •• 


(U) Operations 

• ^ IIJ) Review of Tl ttrition of[ 


( TS//SI//IIEL TO U0j*l. FVCY) 
( T0//0I//REL TO U3A. r\TV ) 


(U) Intelligence Oversight 

• ('TDj'/0I//t'JF) NSA Controls to Comply with the Foreign Intelligence Suiwelllance Court (FISC) 
Order Regarding Pen Register and Trap and Trace Devices 

• (' 'F0//DI//I ‘ ir) NSA Controls to Comply with the FISC Order Regarding Business Records 
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(U) APPENDIX B: 

AUDIT REPORTS WITH QUESTIONED COSTS 


(U) 


I Report I 

Number j 

Questioned Costs 

...... - 

Unsupported Costs | ; 

For which no management decision had been made by start 
of reporting period 

0 

0 

0 

Issued during reporting period 

0 

0 

0 

For which management decision was made during reporting 
period 

0 

0 

0 

Costs disallowed 

0 

0 

0 

Costs not disallowed 

0 

0 

0 

For which no management decision was made by end of 
reporting period 

0 

0 

0 

(U) Because our recommendations typically focus on program effectiveness and efficiency and strengthening internal controls, the 
monetary value of Implementing audit recommendations often Is not readily quantifiable. 


(U) 
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(U) APPENDIX C: 
AUDIT REPORTS OF FUNDS THAT COULD 


BE PUT TO BETTER USE 


(U) 


j Report I 

Number | 

Amount j ' 

For which no management decision had been made by start 
of reporting period 

0 

0 

Issued during reporting period 

1 

$491,400 over 5-yr defense plan 

For which management decision was made during reporting 
period 

1 

$491,400 over 5-yr defense plan 

Value of recommendations agreed to by management 

1 

$466,602 over 5-yr defense plan 

Value of recommendations not agreed to by 
management 

1 

$24,798 over 5-yr defense plan 

For which no management decision was made by end of 
reporting period 

0 

0 

(U) Because our recommendations typically focus on program effectiveness and efficiency and strengthening internal controls, the 
monetary value of implementing audit recommendations often is not readily quantifiable. 


(U) 
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(U) APPENDIX D: 

RECOMMENDATIONS SUMMARY 

(Ui4iOU6) The OIG made 213 new recommendations to NSA management in reports issued in the third and 
fourth quarters of FY2011: 99 in the third and 114 in the fourth. During the third and fourth quarters, the 
Agency implemented 84 and 71 recommendations, respectively. Figures 1 and 2 depict long-term progress in 
implementing OIG recommendations. We monitor recommendation completion on a rolling three-year average. 


(U) Figure 1. Agency Implementation of OIG Recommendations 



(U) Figure 2. Implementation Rate Comparison 



(U) Percentages depict progress in implementing recommendations during a three-year period by quarter. 
Progress in the fourth quarter during the current three-year period is consistent with historical norms. 
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(U/ /FOU 0 ) Managers fully implemented recommendations made in the following reports by the 
end of the fourth quarter: 

• (Li^oye) P 

• (I.UiTiOT-10) Package Screening for Chemical & Biological Agents (31 March 2006) 

• (Ui£EOy©) NSA’s Computer Security Incident Response Process (26 September 2006) 

• (U) SPL Mask-Making and Wafer Fabrication Closeout (23 June 2008) 

• (U) Agency System Security Plans (8 September 2008) 

• (U) FMS FACTS (31 December 2008) 

• (U) NSA/CSS Threat Operations Center (31 March 2009) 

• (U) NSA/CSS Commercial Solutions Center (28 August 2009) 


(U) Foreign Language Incentive Program (13 May 2009) 

( TS//P.EL TO UOiA F^^E Y) | 

(25 September 2009) 

(TS/iTlEL TO UOiA F\^E¥ ) | 

(25 September 2009) 

(U) Follow-up Audit of Contractor Space (30 September 2009) 


(b) (1) 

(b) (3)-50 use 3024 (i) 
(b)(3)-P.L. 86-36 
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SECJtrTy^'RTL TO Fl'EY 


(U) SEMIANNUAL REPORT TO THE CONGRESS 

(U) For the Period April 1, 2009 through September 30, 2009 


(U// rQU 0) Foreign Language Incentive Pay Program; NSA/CSS IG; ST-09-0005; 
13 May 2009 


(U// FOUO) Summary A special study found that the Foreign Language Incentive Pay 
(FLIP) program does not always meet its goals of encouraging civilian Language Analysts (LA) to 
acquire and maintain language skills and influencing them to remain in language an alysis positions. 

I | Since the 

implementati on of the Defen se Language Proficien cy Test (DLPt | the DoD standard, langua ge 
readiness fori Ifor which the! lis the test of record.! ' I 

I - y- ^ ^ ^ 

the Agency’s investment in the FLIP program, which inCceased from l *♦ | in FYQ6 tol ^n. 

FY07. Although the annual FLIP validation process is working well, FLIP*management controls ^e 
weak. * •. * ♦ ■ 


• * • 

(U) Management Action The NSA CoS has begun to* take action on fljp recommendation 

for a program review in which the Signals Intelligence Directorate will partjdpal^.: ^ 


(U) Overall Report Classification SECRET//REL TO USA, FVEY 
(U) Category Joint Warfighting and Readiness 


(b) (3)-P.L. 86-36 


(UZ/FOUe) NSA/CSS Texas; NSA/CSS IG; AFISRA IG; INSCOM IG; NNW.c'lG; 
JT-09-0002; lJuly 2009 


( • S ' /ZREL TO USA, F^HEY) Summary The IG organizations of the Air Force Intelligence, 
Surveillance, and Reconnaissance Agency, Intelligence and Security .Command, Naval Network 
Warfare Command, and NSA inspected NSA/CSS Texas (NSAT).«Since a 2006 inspection, NSAT 


has taken on additional global missions such as| 

♦ 

♦ 

, while broadening the scope of others, including 

I 


land Customer Relations. 

Several responsibilities, such 

• Jpive transferred to other sites. Key points 

from the inspection include: : 

I) NSA HQ/Signals Intelligence Directorate-has delegated mission to 


NSAT| ji) h^AT leadership has been effective in 


- 1 -^- 

♦ ■ 

(U) Management Action Management concurred with aM reccniimendations and corrective .* 
actions are underway. 

(U) Overall Report Classification TOP SECRET/ZCOMINT^Z^L TO USA, FVEY /* 


(U) Category Joint Warfighting and Readiness 


(b) (1) 

(b) (3)-P.L. 86-36 


Approved for Release by NSA on 07-01-2019, 
FOIA Case # 79825 (litigation) 


Derived From: NSA/CSSM 1-52 
Dated: 20070108 


^ ■ eRED^fRLL TO UDA, FWY 


Declassify On: 2^ 320108 - 
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(b)(3)-P.L. 86-36 


(U) Interim Report ofNSA/CSS on Mission Assurance; NSA/^TSS {G; IN-09-0003; 

8 July 2009 .* / -I 

' (S//IIEL TQUGA, F\T2Y) Summary The OICJ^s inspection ofmi3sSon assurance provided 
background on implementation of the mission assufance policy. Objectives aal addressed the 
organizational placement of t he Agency’s Entgrpnse Mission, Assurance (Ehi A) function. 

Placement of EMA within the l . ♦/* / i ^ s inconsistent with 

EMA’s corporate responsibilities outliped*inNSA/CSS Policy ]-4, MissioitAssurance'.{\ Febmary 
2006). The consensus among the s.eniOr le aders was thatt • . ' | 

would be a more appropriate sitgTor EMA | i ' | The 

inspection also found that sojhe progress has been made on several Policy 1-4*objectives; however, 



_ (U/ ^ QUO) Management Action EMA was transferred ! ‘ | EMA 

'"T ^ll continue to collaborate with the Technology Directorate to ) | 

[ and embed mission assurance.principles in governance, planning, and acquisition 
programs. The goal of both organizations is to ensure that the nation's SIGINT and Information 
Assurance missions will continue to.dperate through any disruption. 

(U) Overall Report Classification SECRET//COMINT//REL TOUSA, FVEY 

♦ 

(U) Category Joint W^rfighting and Readiness j 


■OIG Inquiry into the Red Team 


HnoidenC.NSA/CSS IQ;, 


(b) (1) 

(b) (3)-P.L. 86-36 


—- ^ ^ • 

(S//REL) Summary The objectives of the inquiry were to gstablish-fhe Tacts surrounding • 

the incident, evaluate responsibility, and assess compliance yvith Intern^ tonlrols antd their adequacy 
for preventing future inci dents. The inquiry found tl^at Red Teamjsehtrols were not adequate to ; 
revent the human errors! . • ’ . [ 



_ . • * ♦ * . * I had discontinued the 

j when problems became evidgEt! Poor communication between Red Teams and Vith Red 
Team Operations Management ♦c ’ohtributed to.the incidents. Although human error caused the 
I . ♦ * [ Red Teaiji*managers are responsible for the control environment in 

which the errors occurred. 

♦ ♦ 

_ (G/;RE ky Management Ac'tion In response to our inquiry. Red Teams stopped ]" 

I {pending approva Fto resume, stopped operations, and removed Red Team personnel 

from I | to ensure data integrity. Red Team management updated training 

processes and materials and conducted a training “stand-down” to ensure that all employees 
understood Standard Operating Procedures and policies. Red Team management is re-emphasizing 
and clarifying responsibilities to minimize the likelihood of recurrence. Information Assurance 
Directorate management concurs with the findings and has begun corrective action. 


2 


Release: 2019-06 
NSA:08894 






Doc ID: 6672229 


(U) Overall Report Classification SECRET//REL TO USA, FVEY 
(U) Category Information Security and Privacy 

(U/ ffOUO) FY2009 Audit Report on Compliance with the Federal Information Security 
Management Act at NSA/CSS; NSA/CSS IG; AU-09-00011; 24 July 2009 

(UZ/ FOUG) Summary The Agency’s emerging mission in the Comprehensive National 
Cybersecurity Initiative (CNCI) depends, in part, on the Agency’s ability to protect its systems and 
networks. The Federal Information Security Management Act (FISMA) measures the adequacy and 
effectiveness of the information security environment upon which this emerging mission is based. 
The FY2009 FISMA Report records the progress the Agency has made in strengthening information 
technology (IT) security processes and in tracking Agency-wide and system deficiencies. H owever, 
more work must be done to correct the material weakness reported in August 2006 regardin ' ' 



NSA/CSS Information Systems Incident Res ponse Team developed a formal follow-up system for ' 

land Contractor Accreditations and Inspections *. ! • 


continues to meet a self-initiated goal of 


(U) Management Action Manageftient •cencuaed. with all recommendations, and 
corrective actions are underway. .. *• *.1 _ 

(U) OveraU Report Classification TOP SECRET//COMINT//NOFORN 

(U) Category Information Security and Privacy 

(U/ /FOU0 ) Audit of Associate Directorate for Education and Tr^ing’l^/ormatfon 
Technology Infrastructure Problems; NSA/CSS IG; AU-09-Qpi'9, *2^ jHfy*2009.’’ 

(U//TOUO) Summarj’ The principal audit objeftiVe was to determine whether the 
Associate Directorate for Education and Training j(AJDET).Ff serv ers are adequately, cfo ntrolled.' 
operated in accordance with guidelines, poH ciq$,»* hnd cegulatioruT. L* ■ ' ['ADET ; 

experienced a significant server crash ♦* ♦ ’ ♦ ‘ ‘ f 




P.L. 86-36 




:ontnbufed to this problem,^ * The incident highlighted the need for 


ADET to bring thp ^ ’ ♦ ’ | into compliance with thejcertification and 

accreditation process. ^ • 

• ‘ . • * . • ■ 

♦ * (U//rOUQ ^ Ma nagement Action Action is underway to rebuil d and resto re approximately 

I I web pages and| |applications that were lost at an estimated cost of | • | To facilitate 

improvements in the VUport infrastmcture, ADET has requested the expertise of the Technology 
Directorate (TD) and is considering t ransferring its systems management tp TD. The OIG 
recommended that ADET ensure that | [ comply with the 

certification and accreditation process. ADET agreed to do so by 30 September 2009. 


certification and 
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(U) OveraU Report Classification TOP SECRET//COMINT/TALENT KEYHOLE//REL 
TO USA, FVEY 

(U) Category Information Security and Privacy 

(U/ / P OUQ ) Advisory Audit Report on Strengthening Contract Administration to Protect 
Agency Resources; NS A/CSS IG; AU-09-0001; 6 August 2009 

(UA TOUO) Summary Contract administration has been a longstanding problem atNSA. 
Over the last decade, the OIG reported contract administration problems in 65 audit, investigation, 
and inspection reports. Yet deficiencies addressed in one report almost invariably recur in the next. 
These deficiencies included inadequate invoice certification, out-of-scope work, award fee contract 
administration deficiencies, and other oversight concerns. These weaknesses were caused by 
inadequate training, over-reliance on contractors, and failure to follow policies and procedures. A 
powerful example of the consequences of poor contract administration can be seen in the OIG’s 
ongoing effort to uncover contract labor mischarging. To date, recoveries from fraudulent billings 
or out-of-scope work exceed $ 1.4 million. The advisory audit found that, although recent initiatives 
to address staffing shortages and reform policies have produced some improvement, the Agency 
must develop a comprehensive and consistent approach to correct these deficiencies. Contracting 
Officers and contracting specialists reported in two OIG surveys that they do not have time to 
perform contract administration adequately. The OIG proposed that the Senior Acquisition 
Executive with the Senior Leadership Team establish a contract administration process within the 
Directorate of Acquisition to provide adequate contract management, including oversight of 
Contracting Officer's Representatives. 

(U) Overall Report Classification SECRET//REL TO USA, FVEY 

(U) Category Acquisition Processes and Contract Management 


(U//POUO) Report of Investigation Regarding Alleged Improprieties atNSA Georgia; 
NSA/CSS IG; IV-09-0003; 14 August 2009 

(U//FOUO) Summary A former Navy linguist T I at 

NSA/CSS Georgia (NSAG) from 2004 until 2007 alleged that the | V |program at 

NSAG had unlawfully intercepted and processed U.S. person communications. I \ . 


(S//REL TO USA, F\^Y) The OIG found no targeting of U .S. pe rsons by | -i The 

investigation involvedi |in terviews of the complainant , more than|_| vyitness intervjew s, 

.‘I and the forensic an dysis o^ ♦ * !| records. 

Analysis showed that | ^ landled approximately j i during the period the f 

complainant’s; allegation covered (2004-200 5). and tKatj. ♦ '|(.022 percent) ! -{were 

incidentally collected U.S; communications.>_ | 

_!__- ♦ • ’_V, 


. , I JBcldcntal collection of U.S. person communications is a by- 

product of c ollec tion against legit^^^foreign'targets. The forensic data and relevant testimony 
^owed that | • ij ersonnel •liandi^**ip6identally collected U.S. person communications i^ accordance' 


(b) (1) 

(b)(3)-P.L. 86-36 
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with USSID SP0018, marking and deleting them as appropriate. 

_(U//F0^^) The complainant also alleged that, solely for entertainment purposes, 

|h ad shared ! 

The 01G fbtmd no merit to this allegation. I 


(U//f 

involving 


The complainant also madd two allegations regarding unlawful activit 



ment. 


The 01G investigation determined that these allegations were without 

. 

... 


(U) Overall Report Classification TOP SECRET//COMINT//NOFORN 
(U) Category Questionable Activities 


(b)(3)-P 


L. 86-36 


(U) NSA/CSS Commercial Solutions Center; NSA/CSS. IG;’IN-O*9-OP02;*27 August 2009 

. • • ’ ’ 

(U/ /rOUO) Summary TheN^A/CSS Commercial Soldtlons Center (NCSC) is meeting'its 
customers’ needs and succeeding*ih Its role as the NSA.frdnt door for industry partners. Overall,*, 
NCSCl . . • • • T' ( 


I_I as adequate mtormation to manage its annual budget and predict 

anticipated funds for the following year.' Some senior Agency leadership, especially from the 
Signals Intelligence Directorate. t^D), believe that the NCSC would be more effective if its 
functions were moved into’SiD. The OIG inspection found no evidence to support this assertion. 
Although NCSC \?.atfiieving its mission well, the inspection revealed the need for: 1) 
comprehensive* training for platform managers, whose role is critical to NCSC success, 2) an 

a ohlng acquisition strategy for Consolidated Cryptologic Program procurements that exceed 
and 3) changes to the current Issue Resolution Process to ensure compliance with NSA/CSS 
Policy 3-13 guidance to disseminate information technology vulnerability alerts quickly. 

(U) Management Action NCSC and SID management concurred on the recommendations. 

(U) OveraU Report Classification TOP SECRET//COMINT//REL TO USA, FVEY 

(U) Category Acquisition Processes and Contract Management 


NSA/CSS IG; IN-09-0005; 



_ H^ S /ZREL TO USA. Summary Th e inspection*found that the I I 

Isuffers from lack of strategic direction because of 

uncertai'pty surrounding {___ ' • . ♦ motivated 

workforc e and strong leadership need| * •. ' ♦ ’j tQ achieve the 

I jft ill potential \. * ‘ *., The;inspection revealed 


(b) (3)-P.L. 86-36 



(b) (1) 

(b HfeaisePgm 9-08 6-36 
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(b) (1) 

(b)(3)-P.L. 86-36 


, management controls in need of improvement. The current NSA/CSS| | 

♦ i The site’s resource alignment 

must be evaluated regularly in light of the disappointing results. The site lacks a vetting process and 
tracking system to oversee its requests. 

(U) Management Action ] l and associated Agency elements concurred on all 
recommendations and are taking corrective action. 

(U) Overall Report Classification SECRET//COMINT//NOFORN 

(U) Category Joint Warfighting and Readiness 

(U) Federally Funded Research and Development Center - Institute for Defense Analyses; 
NSA/CSS IG; AU-08-0008; 16 September 2009 

(U/ /rOUO) Summary The principal audit objective was to determine whether the Institute 
for Defense Analyses (IDA) contract is being administered effectively and in compliance with 
contracting and information systems security policies and procedures. The long term research 
partnership with IDA has yiel ded many Signals Intelligence and Information Assurance successes. 
However, our audit found that I 


Officer's Representative is also needed to determine compliance vwth contracts, effectiveness of V 
internal controls, and the cost efficiency of operations. ' 

(U) Management Action The Technology and Acquisition Directorates, in conjunction » 

with the Office of Mathematics Research Contracting Officer Representative, has initiated action on ' 
all OIG recommendations. 

(U) Overall Report Classification TOP SECRET//COMINT//REL TO USA, FVEY _ 

Category Acouisition Processes and Contract Management I (b) (3 )-p.l. 86-36 


(U) Category Acquisition Processes and Contract Management | (b) (3 )-p.l. 86- 

(U Z/gpeue-ll .‘~n 'NSA/CS§ IG;AFiSRA.IO, iNseOM IG; NWC 

IG J 16 September 2009 . . • ’ ’ . ♦ * ; 

(S/^TIEL T '0 U9A, T^'EV) Summary , The*Inspectors Generqhfrom the National Secun[ty 
Agency, Air Force Intelligence, Surveillance and Reconnaissance A'gency, Army Intelligence and 
Security Command, and Na val Network Warfare Command conducted a joint inspection ofthe l* I 

f which i s jointly managed and hp been an exemplar of First and Second 
Party mission partner collaboration j ♦ * The diversity of the mission pa rtnera 

working with full knowledge of alf missions al | ^ s both a strength and a burden. This I I 

environment is key to the superior collaboration at site, but it is cumbersome when sharable 
information and tools reside onJ>IOFORN and other systems. Personnel external to the site must be 
educated to understand site restrictions and proper classification to enable tools and informatio n 
sharing. I / I 


(b) (1) 

(b)(3 )-p.l. 86-36 
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SECRET//REL TO USA, r\'E¥ - 


(b) (1) 

(b) (3)-P.L. 86-36 


(U) Management Action Management concurred with all recommendations, and 
corrective actions are underway. 


(U) Overall Report Classification SECRET//COMINT//TALENT KEYHOLE//REL TO 
USA, FVEY _ 

(U) Category Joint Warfighting and Readiness (3)-p.l 

9 • 

(U) Follow-up Audit of Contractor Space; NSA/CSS IG; AU-08-0020; 30 September 2009 


(U//FOUO) Summary Since 2003, NSA has tried unsuccessfully to alleviate chronic 
shortages of space by targeting increasing use of government space by contractors. The effort 
included contractor relocation, a restrictive contractor occupancy policy, and industry sponsored 
facilities. Although recommendations from a 2004 audit have been i mplemented, rrianagement of 
contractor space remains a significant problem. Our follow-up audit I I ‘ 


(U) Management Action Management concurred with all recommendations. 


(U) Overall Report Classification SECRET//COMINT//REL TO USA, FVEY 
(U) Category Human Capital 


(U) False Contractor Labor Claims; NSA/CSS IG; IV-07-0031, IV-08-0016, IV-08-0017, 
IV-08-0018, IV-08-0019; 13 March 2009 - 12 August 2009 

(U/ /FOUQ ) Summary Between 2004 and 2007, five contractors working the midnight shift 
on an Agency in-house contract submitted false and inaccurate timesheets to their companies. All 
five took days off and covered for each other, while claiming 8-hour shifts on their timesheets. 

Since they were working on a time and materials contract, the government was over-billed 
approximately $116,000 as a result of this fraud. All the contractors have left their companies and 
no longer work on NSA contracts. The most egregious offender pled guilty to three counts of 
violating 18 U.S.C. Section 1001 (False Statements) and was sentenced to 30 days in prison and two 
years supervised release. The individual was also ordered to pay restitution of nearly $75,000. 

(U) Management Action The Office of Contracting and the prime contractor have been 
notified of the results of the investigation to facilitate monetary recovery. 

(U) Overall Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 


SECRET^^mCL TO UOA rWY 
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SECRET,TO USA, rWY ' 


(U) Category Other (Procurement and Contract Administration) 

(U) Time Card Fraud, NSA/CSS IG; IV-08-0004; 1 September 2009 

(U//FOUO) Summary A GG-14 employee knowingly submitted falsified time sheets from 
August 2006 to January 2008 for a shortfall to the Government of 615.25 hours (approximately 
$34,059). 

(U) Overall Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Other (Standards of Conduct) 

(U) Procurement Fraud Initiative; NSA/CSS IG; Several Control Numbers; 1 April 2009 to 
30 September 2009 

(U// rOUO) IV-09-0015 A contractor employee fraudulently billed the government 
525 hours (approximately $58,000) over 14 months for late arrivals, early departures, and long 
lunches. The employee was terminated by the contractor during our investigation. 

(U/ /FOUO) IV-09-0024 A major contractor has a policy which directs employees to bill 
indirect time “under 59 minutes” to contracts instead of overhead. The OIG is coordinating a review 
with DCAA regarding this practice. The practice was discovered during an investigation of an 
employee who had billed Agency contracts 57 hours over 12 months for “overhead activities,” such 
as reading company email or completing timesheets. 

(U// FOUO) IV-09-0026 A contractor employee fraudulently billed the government 117.5 
hours (approximately $14,000) over 12 months. 

(U/ /FOUQ) IV-09-0031 A contractor employee fraudulently billed the government 502 
hours (approximately $85,000) over 19 months. 

(U/ /FQUO) - The OIG is continuing to investigat e mischarging at cryptologic centers. Ten 
investigations are open for contract labor mischarging at the Hawaii site. The initial estimate of 
mischarging for these employees is almost $400,000. 

(U) OveraU Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Other (Procurement and Contract Administration) 


3ECRCT/^'REL TO UOA TWY 
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SECRJST//RSL TO USA rwy 


(b) (1) 

(b)(3)-P.L. 


86-36 


(b) (1) 

(b) (3)-50 use 3024 
(b)(3)-P.L. 86-36 


(i) 


(U) NSA/CSS OIG ACTIVITIES RELATED TO 
COUNTERTERRORISM 


(u/ /i:ou e) r 


r 


JnSA/CSS IG;[ 


( *Sujnm ary Th e inspection of thff f 
I / * • ♦ li s organized and m'anaged to fulfill its mission requirements with 

1.1 ♦ '.I* 1* . *1*KTr>A •1*. 1 


few impedi ments. Its services are sought by customecs within ancfputside NSA, apd its products! 
and services! *. • 


I 


iight against terrorism. Based on our posifivV assessment oiT 
'the scope of the inspection and reported only dne.deficiencvT 


|s managed, we curtailed.' 

- ;♦ ; Zl 


divisions are capable of operating as independent entities, {; ♦ ^ anagemd^t has developed an 

organizational structure that produces an overall value greaternilamtjie sum of^its p»ts. 

♦ ♦ ♦ ^ ■ 

(U) Management Action All action officials concurred with tbe.reconlpeiidation that 
approval be obtained to operate the information systems. * s I. *, • 

(U) Overall Report Classification SECRET//COM1NT//REL TO USA\^^YEY 

(U) Category Joint Warfighting and Readiness 


(b)(3)-P.L. 86-36 


(U/ / F OUQ) Review of the President’s Surveillance Program; NSA/CSS IG; ST-09-0002; 
29 June 2009 


(G//REL -) Summary In response to a provision of the FISA Amendmentg’ Act of 2008, the 
Inspectors General of the Department of Justice, the Office of the Director of National Intelligence, 
the National Security Agency, the Department of Defense, and the Central Intelligence 
Agency completed a comprehensive review of the President's Surveillance Program that included, in 
accordance with the legislation, a description of: (A) all facts necessary to describe the 
establishment, implementation, product, and use of the product of the Program; (B) access to legal 
reviews of the Program and information about the Program; (C) communications with, and 
participation of, individuals and entities in the private sector related to th^Trogram; (D) interaction 
with the Foreign Intelligence Surveillance Court and transition to court qfders related to the 
Program; and (E) other matters necessary for a complete a review of the* Program. An unclassified 
report, a classified capstone report, NSA's individual classified report, and the classified reports of 
the other four OIGs were delivered to the Senate and House Intelligence Oversight and Judiciary 
committees in July 2009. 

(U) OveraU Report Classification TOP SECRET/ | ( 'COMINT//ORCON//NOF ORN 
(U) Category Joint Warfighting and Readiness 


{JEGRET^^Jirb - TO UOA, FWY 
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(b) (1) 

(b)(3)-P.L. 86-36 

SECRET/,TO USA, FWY 

1*. 

(b)(3)-P.L. 86-36 

♦ 


(iflt 




25 September 2009 (both rfpbxts)*. 

y\ The 

C-and^ 


"(W/hTtf Su mm ary^ Th ^ 01G*visited two 
on the basis of risk, location’ 


]3SSAyCSS IG; 

C 


J 


Igites selecte d 


]The 


■reviews assessed site opera^i(^hs. local cu stomer .support, and compliance with* intelligence oversight 
.‘requirements and | ' *. I SeveraKfindings and recommendations at daeh site 

addressed p rocedures and condtlions that have arisen'as a result/of expanded missioils ofL 


1 


including the need for quick computer network response time, updates to-software, and 


accou ntability mechanisms. The*review also made recommendations to address the implementation 


of the [ 


and ckanges in site requirements an*d*qapabilities. 


(U) Management Action ] | management at the site and ! [ Headquarters concurred 

with the findings and are taking action to implement the jecommendations. 

(U) OveraU Report Classifications TOP SEeRET//COMINT//NOFORN 
TOP SECRET//COMINT//NOFORN I 

(U) Category Joint Warfighting and Readiness 


■S ECRETj^'RLL TO Ufijl, r\i:V 

10 


Release: 2019-06 
NSA:08902 





Doc ID; 6672230 


5CCRCT/mCL TO USA, FVCY 


(U) SEMIANNUAL REPORT TO THE CONGRESS 

(U) For the Period October 1, 2008 through March 31, 2009 


(u/ /rouo) [ 


(b)(3)-P.L. 86-36 


INSCOMIG, NNWCIG, 


TnSA/CSS IG: A FISI^ IG, 


AFISRA 

J 


■ (C/)'REL)^uinmary The IG organizations of the Air Force Intelligence, Surveillance, 
and Reconnaissance Agency, Intel ligence and Security Command, Naval Network Warfare 
Command, and NSA inspected the l ♦ • i The team 

found the site led by a commander who energizes operational and enabling personne l and 
improved skills and tools used in the cryptologic mission. Exceptional leadership at the I I 

is reflected in the low number of Hndings; however, the IG team found that many problems 
identified in the 2005 Joint Inspectors General Inspection Report Continue to-reduce site 
effectiveness. The inspection team attributes most of these problem^ to the fact that there is no 
process for converting a Service Cryptolog ic Element site to an N SA/CSS field site and th at 
there is no NSA headquarters vision for | f Furthermore J | 

substandard facilities, training shortfalls, and decreasing mission support despite an increased 
pace of system installations can be traced to the absence of an overarching financial picture 

and centralized resource planning. 

(U) Management Action Management concurred with all recommendations and 
corrective actions are underway. 

(U) Overall Report Classifications SECRET//COMINT//REL TO USA, FVEY 
(U) Category Joint War fighting and Readiness 


(S //REL) 


NSA/CSS IG 
12 December 2008 (both reports).' 




basis o4~ 


(9//REL) ^mmary We visited 


sites selected on the 


land reported oversight problems. Our r-eviews assessed site o perations. 


I ’ l and compliance with intelligence oversight requirements and 

instructions. We.'had no tindingS'Or recommendations at| 

j 


(inducted ■ » 

■ performing a|^ 


(U) Management Action ]management at the Site advised! 


[had not 

] We recQmhiended-that . ♦ • peadquarters consid er 


that the* 


•be^n conducted 

! ’ Hradquarter^ is'investigafingl . . • ’ ’ . 

1 

• (U) Oy^ll Report GlassijBcafions: -TOP SECRET/ZCOMIN'll 

l/NOFORN 

(STr08-0012A)^TOP.SEe|UBT//CONtiNT//NOFORN (ST-68-0012B) 
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(U) Financial Accounting and Corporate Tracking System (FACTS); NSA/CSS IG; 
AU-08-0019; 31 December 2008 

■ (O/MEIrtSummary In May 2008, the House Permanent Select Committee on 
Intelligence requested that the NSA OIG independently review FACTS and report to the 
congressional intelligence committees. Originally planned for implementation in November 
2004, FACTS was implemented in October 2007 after three delays. FACTS implementation 
has resulted in major accounting and process problems, especially in administrative control of 
funds, financial planning, accounts receiva ble, accounts payable, reconciling accounts, and 
cash reporting. FACTS has cost more than | |to date, with another | | 

budgeted for FY2009-2014. From the outset, FACTS| ll 


(U) Management Action Management concurred with all recommendatitps. 

(U) Overall Report Classifications SECRET//REL TO USA, FVEY 

(U) Category Financial Management 

(U) Temporary Secure Work Areas; NSA/CSS IG; ST-08-0021; 5 January 2009 

(U//F QUQ) Summary This special study was initiated as a result of a complaint 
received by the OIG concerning the use of a facility as a non-accredited Sensitive 
Compartmented Information Facility (SCIF). The complainant alleged that NSA’s practice of 
repeatedly using a certain uncleared, unsecured venue as a Temporary Secure Work Area 
(TSWA) places sensitive classified information at risk. Although the venue is not an accredited 
SCIF, it has been designated as a TSWA. The special study focused on the circumstances and 
implications of the Agency’s designation of the facility as a TSWA and the overall TSWA 
approval process. NSA’s Associate Directorate for Security and Counterintelligence 
(ADS&CI) is the Cognizant Security Authority for NSA and is responsible for security 
program management for the protection of sources and methods. The special study found that 
this matter has been researched and addressed appropriately. Furthermore, ADS&CI has 
complied with Director of Intelligence Directive No. 6/9, Physical Security Standards for 
Sensitive Compartmented Information. 

(U) Management Action Management concurred with our recommendation to avoid 
future approvals of the facility as a TSWA. 

(U) Overall Report Classifications SECRET//NOFORN 

(U) Category Other (Physical Security) 

(U//F QUO) Aerospace Data FacUity; NSA/CSS IG, NGA IG, AFISRA IG, INSCOM IG, 
NNWC IG; JT-09-0001; 15 January 2009 


(b) (1) 

(b)(3)-P.L. 86-36 


GCCRCTmCL TO UQA, fVCY 

2 


Release: 2019-06 
NSA:08904 




Doc ID: 6672230 

SECRE r mEL TO USA, FVEY 


(UA TOUQ) Summary The IG organizations of the National Geospatial-Intelligence 
Agency, Air Force Intelligence, Surveillance, and Reconnaissance Agency, Intelligence and 
Security Command, Naval Network Warfare Command, NSA, and other agencies conducted a 
joint inspection of the Aerospace Data Facility. The inspection team found the site led by a 
commander who energizes the operational and enabling missions. Without clear and 
consistent guidance from the Intelligence Community (IC), the Commander has done an 
exceptional job of developing and communicating vision and direction to move from agency 
mission stovepipes to IC-centric operations. When structured properly, the NSA, NGA, 
Service Cryptologic Elements, foreign mission partners, and corporate partners at the site 
present an ideal environment for a cohesive, collaborative relationship that supports the 
Director of National Intelligence’s (DNI) Strategic Plan to create a culture in which 
intelligence professionals work together. The inspection team found that a more integrated 
mission environment would support the DNI’s functional joint duty assignment initiative. A 

I independent site services, and agency specific 
rather than IC-centric processes threaten the site's ■abili.ty to achieve this vision. 

(U) Management Action Management concurred with airrbcomipendations and 
corrective actions are underway. 


(b)(3)-P.L. 86-36 


(U) Overall Report Classifications TOP SECRET//COMINT//TALENT 
KEYHOLE//NOFORN 

(U) Category Joint Warfighting and Readiness 

(U) Advisory Report on Human Language Technology; NSA/CSS IG; AU-09-0004; 

4 February 2009 

(0//RCL) Summary Our advisory found that th e NSA progra m to improve SIGINT 
com munications pr ocessing has invested approximate N ^ to date^and plans to 

spend ) lo ver the FY2009 - FY2013 program build. This program, known as 

Hum^Language Technology (HLT), provides products and s ervices'.to SIGINT analysts t» 

I * ♦, ^ |fi nd, eviljuate, and report 

intelligence information critical to national security. Our advisory found that collaboration 
between users of HLT and researcTiefs is key to the program's success. Not all HLT programs 
have been successful, but knowledge has been gained from attem^s that failed and those that 
succeeded. Nevertheless, the problem the HLT. program was designed to i Fesolve remains 
I “ * ♦ ♦ f With limited 

resources, NSA must I ' \ 

[ --- 


that will yield the best results. * •. \ • 

* • ♦ * 

(U) Management Action Management has stated that over the* Rfxt 15 months each 
HLT area will be evaluated for inclusion within the Analytic Modernization program or 
termination. 

(U) Overall Report Classifications TOP SECRET//COMINT//NOFORN 
(U) Category Joint Warfighting and Readiness 


(b) (1) 

(b)(3)-P.L. 


86-36 


(U) Oversight Review of Restaurant Fund, Civilian Welfare Fund, and Cryptologic 
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Museum Gift Shop; NSA/CSS IG; AU-09-0017; 17 March 2009 

(U //rOUG> ^ Summary The financial statements of the Agency's Restaurant Fund, 
Civilian Welfare Fund, and Cryptologic Museum Gift Shop were audited by a Certified Public 
Accounting firm which issued unqualiHed opinions. Our review found that the audit had been 
conducted consistent with Government Auditing Standards. The CPAs did not identify any 
management concerns in this or the previous year. 

(U) Overall Report Classifications UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Financial Management 


(U) Deployment of SIGINT Systems; NSA/CSS IG; AU-08-0010; 27 March 2009 


(U/ / F 0UO) Summary Our objective was to determine whether deployments of SIGINT 
systems and tools to the field complied with NSA policies. The Agency is generally in 
compliance with the process for deploying SIGINT and support capabilities to Held sites. 

I ^ f sampled NSA/CSS capabilities deployed during FY2007 and FY2008 

followed or partially* followed the deployment management process prescribed by NSA/CSS 
Policy Manual 10-4. Tti£ manual details the processes for deploying capabilities to field sites, 
including verifying that the capability is ready to be deployed and that the site is prepared for 
its installation, integration, operation, and maintenance. Although the policy manual 
addresses most deployment situations^ some areas have been overlooked. For example, the 
manual and the Acquisition Logistics & Deployment Review Office web pages do not define 
requirements for| * ♦ | 


(U) Management Action The actions taken by the Dirfeotprate of Acquisition and the 
Technology Directorate meet the intent of the recommendations. * •, 

• % 

(U) Overall Report Classifications SECRET//COMINT//TALENrKEYHOLE//REL TO 
USA, FVEY 

(U) Category Joint Warfighting and Readiness 


(b) (1) 

(b) (3)-P.L. 86-36 


(U) Organizational Inspection of the NSA/CSS Threat Operations.Center; NSA/CSS 
IG; IN-08-0004; 31 March 2009 

(G//REL) Summary Since the inception of the NSA/CSS Threat Operations Center 
(NTOC) in 2005, Agency senior leadership has been unable to.implement the Director’s • 
strategic intent for the organization. Our inspection found, that disagreements on mission 
boundaries have prevented NTOC from establishing the foundation required to perforih its 
mission. Recognizing cyber security as a significant ji*ational security challenge, the Director 
NSA/CSS (DIRNSA) established the NTOC as a.corporate organization to maximize the 
Signals Intelligence (SID) and Information Assurance Directorates’ (lAD) computer netKvork 
operations capabilities. DIRNSA has pro.vided much of the guidance on NTOC’s strategic 
mission to the NTOC Dir ector; some o Tthat guidance has conflicted with the established 
missions of SID and IAD. | f percent of NTOC’s budget execution authority for- 

contracts and interagency acquisitions is executed outside the organization, resulti ng in! 
insuflicient oversight, of particular concern because of significant budget increases | | 
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(b) (1) 


(b)(3)-P.L. 86-36 


j^xpected for NTOC over the FY09-13 program. 


(U) Management Action All action ofllcials have concurred with the recommendations, 
and Agency senior leadership has taken appropriate actions to resolve the disagreement about 
NTOC's mission. 

(U) Overall Report Classifications TOP SECRET//COMINT//REL TO USA, FVEY 

(U) Category Joint Warfighting and Readiness 

(U) Hostile Work Environment and Reprisal; NSA/CSS IG; IV-08-0023; 25 November 2008 

(U //rQUQ ^Summary The OIG substantiated an allegation that a GG-14 managerial 
employee created a hostile work environment and subsequently reprised against a subordinate for 
reporting his inappropriate conduct to his supervisor. The investigation determined that the 
employee created a hostile work environment through inappropriate and intimidating conduct 
(swearing and throwing office items) and reprised against a subordinate who reported the 
misconduct. 

(U) Overall Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Other (Reprisal and Standards of Conduct) 

(U) Sexual Harassment and False Statement; NSA/CSS IG; IV-08-0046; 14 January 2009 

(U//rOUO) Summary The OIG substantiated an allegation that a GG-12 NSA supervisory 
police officer sexually harassed a junior police officer. The OIG determined that the senior officer 
made an unwelcome sexual advance toward the female junior officer. The investigation also 
determined that the officer knowingly and willfully made a false statement under oath during the 
investigation. A report was forwarded to the NSA Office of Employee Relations for a determination 
on disciplinary action. 

(U) Overall Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Other (Equal Employment Opportunity and Standards of Conduct) 

(U) Procurement Fraud Initiative; NSA/CSS IG; Various Control Numbers; 1 October 2008 to 
31 March 2009 

(U//FOUO)‘Summary In October 2007, we launched an initiative to identify fraudulent 
billings by NSA contractors. This initiative involves data interrogation of contractor access records, 
coordination with contractor compliance officials, analysis of billing records, and investigation of 
access and billing anomalies. 

(U// F0UO) Over the past six months, we have continued our initiative at NSA’s 
Cryptologic Centers. As part of Phase II, we completed seven investigations at NSA/CSS Georgia 
and identified over 3,100 hours mischarged with an estimated recovery exceeding $200K. Some 
examples include: 

(UA yOUO) IV-09-0008 A contractor employee fraudulently billed the government 
398 hours (approximately $42,000) over a 12 month period. The employee admitted to submitting 
false timesheets for late arrival and early departure each day. 

(u/ /FOu e) rv-09-0010 a contractor employee fraudulently billed the government 
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366 hours (approximately $21,000) over a 12 month period. The employee admitted to submitting 
false timesheets. Most of the discrepant hours represent excessive hours at lunch. 

(U/ / F QUQ ) IV-09-0019 A contractor employee fraudulently billed the government 
249 hours (approximately $19,000) over a 12 month period. The employee admitted to submitting 
false timesheets. While the employee admitted leaving early, he was surprised that it was that much 
over a one year period. 

(U//FOUO) During our analysis, we found pot ential mischareingbvj Ic ontractors 

working at NSA/CSS Georgia and referred those to the | ■ "^ s conducting 

separate investigations. We believe these recoveries are significant. Additionally, we will 
commence a review of contractor program management during our contract labor reyiews due to the 
significant amount of mischarging by contractor employees. Program management fs one of the 
highest labor categories on most T&M contracts we have reviewed. 

(U) Category Acquisition Processes and Contract Management 


(b) (3)-P.L. 86-36 
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(U)NSA/CSS OIG ACTIVITIES RELATED TO COLfNTERTERRORISM 


(U) Advisory Report on Practices and Procedures To Ensure Accuracy of SIGINT 
Disseminated in Iraq and Afghanistan; NSA/CSS IG; ST-08-0019; 17 December 2008 


( ■ S//REL) Summary Because Signals Int eiligence (SIGINT) reportedly contributes to | | 

l^in Iraq and Afghanistan, the Director of the 


SIGINT Directorate asked the NSA IG to examine current practices to ensure the accuracy 
and reliability of intelligence disseminated by SIGINT elements in-theater. Our advisory 



(U) Management Action The recommendations in this advisory report are offered for 
the SIGINT Directorate leadership to consider after conducting a cost/benefit analysis of 
implementing the recommendations in a comltqt area. 

(U) Overall Report Classifications SECRET/ZCOMINT/ZREL TO USA, FVEY 

(U) Category Joint War fighting and Readiness 


s 

% 

% 

% 

• 

I 


(b) (1) 

(b) (3)-P.L. 86-36 
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UNITED STATES GOVERNMENT 

memorandum 

DATE: 01 April 2010 IG-III44-IO 

REPLYTO 

ATTN of: Inspector General 

subject: (U) Office of the Inspector General Semiannual Report to Congress- 

INFORMATION MEMORANDUM 

TO; DIR _ 

THRU: D/DIR_ 


1. (U) The NSA/CSS Office of the Inspector General (OIG) submitted to the 
Inspector General, DoD, the attached Semiannual Report to the Congress on Intelligence- 
Related Oversight Activities for the period oi October 2009 -31 March 2010. 


2. (U //FOU 0 ' ) This Report also satisfies a DoD requirement that Defense 
Intelligence Community Inspectors General provide a narrative input on their activities 
relating to counterterrorism (CT). I summarized the OIG’s CT efforts in the last two 
pages of the Report. 


fU/t / FOU Q' l If you require additional information, please contac^ 
L Deputy Inspector General, on .. 


(b) (3)-P.L. 86-36 


. 


George Ellard 
Inspector Generj 



cc: SID 

lAD 
CoS 

Enel: 

a/s 


This Document May Be Declassified Upon 
Removal of Enclosure and Marked 
UNCLASSIFIED//FOR OFFICIAL USE ONLY. 


Approved for Release by NSA on 07-01-2019, FOIA Case # 79825 (litigation) 
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(b)(3)-P.L. 86-36 




(U) SEMIANNUAL REPORT TO THE.CONGRESS 

. •/* ’ * • * / 

(U) For the Period October 1 , 200 , 9 ‘ ifirougiiMitrcfi 31,2010 


( ^i ^iUJjL) Intelligence Oversight of the 
NSA/CSS IG; | .. ♦ ’ ' 


t 


pPrpgram^at NSA/CSS Georgia; 


(0//I1EL) Sunima'ry During the investigation of*^leged ^proprieties at NS A Georgia in 
2004 and 2005 r^jorted by a former assignee in 2008,.the OIG identified some practices in ) ~1 
I ( that were inconsistent with established*NSA/CSS*policies and procedures. These 

practices included improper dissemination of ra\v*SIGIN T and noncompliance with quarterly 
reporting requirements. Our investigati on als o noted that l f intelligence Oversight training was not 
uniform for all personnel performing the j j mission and did not adhere to the standards set in 
NSA/CSS policies. 

(U /iTOli Q) Management Action Management concurred with our recommendations and is 
taking corrective action. 

(U) OveraU Report Classification SECRET//REL TO USA, FVEY 

(U) Category Information Security and Privacy 


(U) Report on Congressional Budget Requests for the President’s Surveillance Program; 
NSA/CSS IG; ST-09-0018; 24 November 2009 

(U/jTOUO) Summary This is a compartmented study of how NS A reported to Congress on 
the President’s Surveillance Program (PSP) in budget requests and budget briefings. On 17 June 
2009, Counsel to the Senate Select Committee on Intelligence requested that the OIG review how the 
PSP had been reported in budget requests and briefings, given that only a few members of Congress 
had initially been aware of the program. This review responds to that request. 

(U) Overall Report Classification TOP SECRET//COMINT//NOFORN (Compartmented) 

(U) Category Information Security and Privacy 


(U) Management of Agency Firewalls; NSA/CSS IG; AU-09-0002; 25 November 2009 


(■ G /i^RBL ) Summary Firewalls are part of a defense-in-depth strategy used to protect 
Agency networks from cyber attack. The audit objective was to determine whether the Agency’s 
firewalls are effective and efficient in securing the Agency’s networks. The audit reviewed the 

Agency-wide policies and standards that govern the use of firewalls and h ow individual _ 

organizations manage and monitor them. Our audit found that the Aeencvl 


*. (U) Management Action The Techinology Directorate concurred Avith our 

recommendations to improve the mqnafeement of Agency firewalls. 

♦ ♦ 


(b) (1) 

(b)(3)-P.L. 86-36 
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(U) OveraU Report Classification TOP SECRET//COMINT//NOFORN 
(U) Category Information Security and Privacy 


(U) Annual Report to Congress on Foreign Intelligence Surveillance Act Amendments Act 
of 2008 (FAA); NSA/CSSIG; ST-10-0003; 30 November 2009 


(OiOllEL TO UOA, P¥E¥) Summary The Foreign Intelligence Surveillance Act 
Amendments Act of 2008 (FAA) authorizes the NSA/CSS OIG to assess the Agency’s compliance 
with procedures for targeting certain persons outside the United States, other than United States 
persons. The OIG reviews the collection, processing, and reporting of data at least quarterly. 
Incidents involving compliance with procedures for targeting certain persons outside the United 
States, other than United States persons, and incidents involving minimization of United States 
person information are reported to the OIG as they occur and quarterly. Each incident is evaluated 
against the targeting and minimization procedures set forth in the FAA and in NSA directives. The 
report concluded that the OIG has no reason to believe that any inteUigence activities of NSA during 
the period 1 September 2008 through 31 August 2009 were unlawhil. In compliance with the 
targeting and minimization procedures of §702 of the FAA, the report included statistics on the total 
number of intelligence reports disseminated between FAA implementation on 1 September 2008 and 
31 August 2009, including the total of those containing a reference to a United States person identity. 
The OIG also found and reported the total of instances of §702 targeting or minimization mistakes to 
the President's Intelligence Oversi^t Board through the Assistant to the Secretary of Defense for 
Intelligence Oversight. 


(U i¥F0UO) Management Action Action was taken to correct the mistakes and processes 
were reviewed and adjusted to reduce the risk of imauthorized acquisition and improper retention of 
U.S. person communications. 


(U) OveraU Report Classification TOP SECRET//COMINT//REL TO USA, FVEY 


(U)[ 


(U) Category Information Security and Privacy 

(b)(3)-P.L. 86-36 

\ NSA/CSS IG; | 


=]-, 



(U) Management Action The PMO is working to correct the deficiencies. 
(U) OveraU Report Classification TOP SECRET//COMINT//NOFORN 
(U) Category Information Security and Privacy 


(b) (1) 

(b) (3)-50 use 3024(i) 
(b) (3)-P.L. 86-36 
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(b)(3)-P.L. 86-36 


(U) Advisory Audit Report on Earned Value Management at NSA; NSA/CSS IG; 
AU-09-0013; 12 February 2010 .* • 


( U ;¥ rOUQ ) Summary Earned Value Management (EVM) is aji important evaluation tool 
that alerts program managers to potential problems early in the prograih and reduces the chance and 
magnitude of cost overruns and schedule delays. Overall, our advisojfy audit fou nd th at NSA is 
complying with EVM policy, however, the use of EVM at NSA is Ih nited. Onl^ ^ [ contracts 
I use EVM. The Office of the 

Director National Intelligence and the Under Secretary of Defense for Acquisition, Technology and 
Logistics observed that many NSA contracts ^ire level-of-effort (LOE), which is not structured to use 
EVM. To increase the use of EVM, NSA must change its contracting strategy of issuing LOE 
contracts, apply EVM to smaller dollar value contracts, and continue to develop a tailored EVM for 
government and contractor efforts. 


(U) OveraU Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category Acquisition Processes and Contract Management 


(U) Annual Report to the Intell^ence Oversight Board on NSA Activities - 
Calendar Year 2009; NSA/CSS IG; ST-10-0008; 2 March 2010 


Summary Section 932 of the John Warner National Defense 
Authorization Act for FY 2007 (lOUSC 427) requires the Secretary of Defense to report to Congress 
annually on intdligence activities he has reason to believe may be unlawful or contrary to Executive 
Order or Presidential Directive. NSA’s annual intelligence activities report, submitted to Congress 
via the Assistant to the Secretary of Defense for Intelligence Oversight, covered the 2009 activities 
that NSA reported to the Intelligence Oversight Board. Under the heading of Intelligence, 
Counterintelligence, and Intelligence-related activities that violate law, regulation, or policy 
substantiated during the year, as well as actions taken as a result of the violations, details were 
provided in the annual report f or the following: 1) nnintentional collection against U.S. persons or 
persons in the Uni ted States; 2' \ ' 

I la nd 3) an alleged unauthorized disclosure of classified information and misuse of • 

the U.S. SIGINT System. .. 


(U) OveraU Report Classification TOP SECRET//COMINT//NOFORN 
(U) Category Information Security and Privacy 


(b) (1) 

(b) (3)-50 use 3024 (i; 
(b) (3)-P.L. 86-36 


(U) Yakima Research Station; NSA/CSS IG; AFISRA IG; INSCOM IG; NNWC IG; JT-10- 
00001; 16 March 2010 

(W/TOUO) Summary The IG organizations of the Air Force Intelligence, Surveillance, and 
Reconnaissance Agency, Naval Network Warfare Command, and NSA inspected the site in October 
2009. Site leadership has overcome the number one challenge identified in the 2004 Joint Inspection 
of the Yakima Research Station, defining the site's role and engaging Hi^er Headquarters (HHQ) in 
solving problems. The widely disparate missions and associated challenges identified in this report 
have led to some confusion among the workforce about the strategic direction and mission priorities. 
Some problems identified in the previous IG report still exist and continue to reduce site 
effectiveness. Supporting programs (Intelligence Oversight, Training, Human Resources, Safety and 
Security) varied in their effectiveness. The training program showed general improvement, but still 
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requires additional attention for operations training and overall documentation of process and 
procedures. Intelligence Oversight at YRS is effective, but could be improved witii additional 
direction and guidance from NSAW. The YRS HR programs provide a full range of services to the 
workforce. The lack of and inconsistent enforcement of some safety and security regulations have 
increased levels of risk in those areas. 

(U) Management Action Management concurred with all recommendations and corrective 
actions are imderway. 

(U) OveraU Report Classification SECRET//COMINT//REL TO USA, FVEY 

(U) Misuse of Government Resources; NSA/CSS IG; IV-10-0008; CO-09-0806; 

9 December 2009 and 29 January 2010. 

Summary During routine monitoring of NSA/CSS unclassified computer 
systems, an NSA/CSS senior executive was detected accessing websites containing sexually-explicit 
images in violation of DoD regulation and Agency policy. During an OIG interview, the senior 
executive admitted to accessing the prohibited sites. The OIG referred a Rqiort of Investigation 
(ROI) to the NSA/CSS Office of Employee Relations (ER). While ER was adjudicating the OIG’s 
referral, the senior executive was once again detected accessing sexually-explicit websites, and once 
again admitted to accessing the websites during his OIG interview. The OIG referred a second ROI 
to ER for administrative discipline. 

(U) Management Action The senior executive retired from the NSA/CSS prior to 
administration of discipline. 

(U) OveraU Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Other (Standards of Conduct) 

(U) Misuse of Government Resources; NSA/CSS IG; CO-09-0806, CO-09-0813, CO-10-0092, 
CO-10-0097, CO-10-0098, CO-10-0099, CO-10-0115, CO-10-0116, CO-10-0117, CO-10-0119, 
CO-10-0120, CO-10-0136, CO-10-0167, CO-10-0168, CO-10-0169, CO-10-0170, CO-10-0171, 
CO-10-0172, CO-10-0189, CO-10-0190, CO-10-0190, CO-10-0199. CO-10-0200, CO-10-0223, 
CO-10-0224, CO-10-0225, CO-10-0226, CO-10-0227, CO-10-0228, CO-10-0229, CO-10-0229, 
CO-10-0230, CO-10,0231, CO-10-0233, CO-10-0265, CO-10-0287, CO-10-0289, CO-10-0290, 
CO-10-0310, CO-10-0315, CO-10-0316, CO-10-0321, CO-10-0322, CO-10-0331, CO-10-0345, 
CO-10-0360, CO-10-0363, CO-10-0364, CO-10-0365, CO-10-0388, CO-10-0391; 

1 October 2009 to 26 March 2010 

( U ) ¥FOUQ) Summary During the October 2009 to March 2010 time period, the OIG 
substantiated 50 allegations of misuse of government resources (e.g., accessing sexually-explicit 
material through the Agency’s imclassified Internet network). 

(U) Management Action Subjects in these cases were civilian employees, military 
affiliates, and NSA contractor employees. Discipline ranged from a letter of warning to reduction in 
grade. 

(U) OveraU Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 
(U) Category Other (Standards of Conduct) 
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(U) HostUe Work Environment; NSA/CSSIG; IV-10-0011; 25 February 2010. 

(U/ZTOUG) Summary The OIG substantiated an allegation that a male Agency employee 
harassed and intimidated a female co-worker by using inappropriate language and engaging in 
unwanted physical contact vidth her. 

(U) Management Action We referred our Report of Investigation to the NSA/CSS Office 
of Employee Relations for administrative discipline. 

(U) Overall Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Other (Sexual Harassment) 

(U) Time and Attendance Fraud; NSA/CSS IG; IV-09-0022; 13 January 2010 

(U/jTOUO) Summary The OIG substantiated an allegation that an NSA/CSS civilian 
employee, a GG-15 OfiSce Chief, knowingly submitted false time sheets from May 2008 to May 
2009, for a total shortfall to the Government of 204.75 hours (approximately $12,600). 

(U) Management Action We referred our Report of Investigation to the NSA/CSS Office 
of Employee Relations for administrative discipline. 

(U) OveraU Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Fraud 

(U) Time and Attendance Fraud-NSA/CSS IG; IV-10-0007; 24 March 2010 

( U f 'jTOUO) Summary The OIG substantiated an allegation that an NSA/CSS civilian 
employee, a GG-7 Timekeeper, knowingly submitted false time sheets from June 2008 to October 
2009, for a total shortfall to the Government of 291.75 hours (approximately $8,000). 

(U) Management Action We referred our Report of Investigation to the NSA/CSS Office 
of Employee Relations for administrative discipline. 

(U) OveraU Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Fraud 

(U) Outside Employment; NSA/CSS IG; IV-l0-0005; 16 December 2009 

( U ) ¥FOUO) Summary. The OIG substantiated an allegation that an Agency senior executive 
violated applicable DoD regulations and Agency policy by advertising and selling jewelry at 
work. 

(U) Management Action We referred our Report of Investigation to the NSA/CSS Office 
of Employee Relations for administrative discipline. 

(U) OveraU Report Classification UNCLASSIFIED//FOR OFFICIAL USE ONLY 

(U) Category Other (Standards of Conduct) 

(U) NSA OIG Anti-Fraud Initiative - NSA/CSS IG; Various Control Numbers; Program 
Update 
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( U i¥ FOUQ) Summary In October 2007, we launched an initiative to identify fraudulent 
billings by NS A contractors. This initiative involved data interrogation of contractor access records, 
coordination with contractor compliance officials, and investigation of facility access and billing 
anomalies. 

To date, we have completed over 100 labor mischarging investigations with 
approximately $2.2 million in recoveries. We are continuing to work in conjimction with the United 
States Attorney’s Office in Baltimore and the Defense Criminal Investigative Service in regard to the 
criminal prosecution of the most egregious instances of fraud. Investigations completed over the 
past six months include the following: 

(UWOUO) IV-09-0042 An NSA/CSS contractor affiliate billed the government 494 hours 
(approximately $56,600) over an 18-month period for unauthorized work. The company has offered 
to make restitution for the overbilling. 

IV-09-0045 An NSA/CSS contractor affiliate billed the government 380.75 
hours (approximately $43,200) over a 12-month period for unauthorized work. The company has 
offered to make restitution for the overbilling. 

(Ui^ ^ P QUO) IV-09-0047 An NSA/CSS contractor affiliate billed the government 428.5 
hours (approximately $41,000) over a 16-month period for unauthorized work. The company has 
offered to make restitution for the overbilling, 

( U/iT i QUO) IV-19-0054 An NSA/CSS contractor affiliate fraudulently billed the 
government 654 hours (approximately $34,000) over a 21-month period. 

(Un WOUQ) IV-19-0055 An NSA/CSS contractor affiliate fraudulently over billed the 
government 121.5 hours (approximately $6,500) over a 21-month period. 

(U)4¥®W^) IV-19-0056 An NSA/CSS contractor affiliate fraudulently over billed the 
government 164 hours (approximately $15,900) over a 21-month period. The contractor affiliate 
also billed the government for 91.5 hours (approximately $8,500) of rmauthorized work. 

(U/iTOW©) IV-19-0057 An NSA/CSS contractor affiliate fraudulently over billed the 
government 98 hours (approximately $10,800) over a 21-month period. 

( U i^ TOUO) IV-19-0058 An NSA/CSS contractor affiliate fraudul«itly over billed the 
government 363.75 hours (approximately $20,000) over a 21-month period. 

(U/iTOUO) IV-19-0059 An NSA/CSS contractor affiliate fraudulently over billed the 
government 190 hours (approximately $22,200) over a 21-month period. The contractor affiliate 
also billed the government for 37 hours (approximately $4,300) of unauthorized work. 

( U//FOUO) IV-19-0060 An NSA/CSS contractor affiliate fraudulently over billed the 
government 40.75 hours (approximately $3,800) over a 21-month period. 

C W/FOUO) IV-19-0061 An NSA/CSS contractor affiliate fraudulently over billed the 
government 678.75 hours (approximately $37,000) over a 21-month period. 

( U/iT ' O¥ 0 ) IV-19-0062 An NSA/CSS contractor affiliate fraudulently over billed the 
government 273.75 hours (approximately $26,000) over a 21-month period. 

( U f ^OUQ) IV-10-0010 An NSA/CSS contractor affiliate fraudulently over billed the 
government 366.75 hours (approximately $41,000) over an 11-month period. 
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(b) (1) 

(b) (3)-50 use 3024 (i) 
(b) (3)-P.L. 86-36 


(U) NSA/CSS OIG ACTIVITIES RELATEBtTO 
COUNTERTERRORISM 

# • 

« • 

( U i ^iCFOU ^ Advisory Report on Second Follow-up Research on Expeditionary SIGINT 

Deployments to Hostile Areas; NSA/CSS IG; ST-09-0008; 22 Februaiy 2010 

* • 

■ 

(Oi'illEL) Summary This is the second follow-up review of Hostile Area Deployment 
processes. Prior studies were completed in 2005 and 2007. Like the*prior Studied this advisory 


from interviews and a web survey with NSA/CSS personnel whi 

5 -—- -\ 

I ___ 1 

In addition, we interviewed 


representatives of organizations involved in the deployment process. We found, since the last review 
in 2007, improvements in deployment processes c ontinue, particularly in administrative proce ssing, 
training, and medical and secu rity processing, and | | 

I I While progress has, been noted, there is room for improvement in are^ 

such as occupational health and environmental support services, an< ^ | 

processes. Periodic reviews of hostile area deployments are vital .to ensure that NSA personnel are 
prepared to ejrecute critical missions in siqjpQtt of Combatant Commands. 

(U) OveraU Report Classffication**CONFIDENl'lAL//REL TO USA, FVEY 

(U) Category Joint Warfigjiting-Mid Readiness 

■ • ♦ 


(b) (3)-P.L. 86-36 
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Attached to this lettet is the Semianniial Report to Congress by the Inspector General of 
the National Security Agency for the period 1 April to 30 Sq)temba: 2010. 

I adopt the statistics and other infonnation contained in that report. 


Sincerely, 



USA 


Approved for Release by NSA on 07-01-2019, FOIA Case # 79825 (litigation) 


Derived From; NSA/CSSM 1-52 
Dated: 20070108 
Declassify On: 20351001 
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NATIONAL SECURITY AGENCY/CENTRAL SECURITY 

SERVICE 

Further dissemination of this report outside NSA is 
PROHIBITED without the approval of the Inspector 
General. 



(U) SEMIANNUAL REPORT TO CONGRESS 
1 April to 30 September 2010 

George Ellard 
Inspector General 


Derived from; NSA/CSSM 1-52 
Dated; 20101031 
Declassify on; B03D10a » 
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(U) NSA OFFICE OF THE INSPECTOR GENERAL 


(U) The NSA Office of the Inspector General (OIG) conducts audits, investigations, inspections, and special 
studies. Its mission is to ensure the integrity, efficiency, and effectiveness of NSA operations, provide 
intelligence oversight, protect against fraud, waste, and mismanagement of resources, and ensure that NSA 
activities are conducted in compliance with the law. The OIG also serves as an ombudsman, assisting Agency 

employees, civilian and military, with complaints and questions. 

(U) Intelligence Oversight 

(U) The OIG Office of Intelligence Oversight reviews NSA’s most sensitive and high-risk programs for 

compliance with the law. 

(U) Audits 

(U) The OIG Office of Audits within the OIG provides independent assessments of programs and organizations. 
Performance audits evaluate the effectiveness and efficiency of entities and programs and assess whether NSA 
operations comply with federal policies. Information Technology audits determine whether IT solutions meet 
customer requirements, while conforming to informati on assurance standards. All audits are conducted in 
accordance with standards established by the Comptroller General of the United States. 

(U) Investigations and Special Inquiries 

(U) The OIG Office of Investigations administers a system for receiving and acting on requests for assistance 
and complaints about fraud, waste, and mismanagemen t. Investigations and special inquiries may be 
undertaken as a result of such requests and complaints (including anonymous tips), at the request of 
management, as the result of questions that surface during inspections and audits, or at the initiative of the 

Inspector General. 

(U) Field Inspections 


(U) The Office of Field Inspections conducts site reviews as part of the OIG’s annual plan or by management 
request. Inspections yield accurate, up-to-date information on the effectiveness and efficiency of field 
operations and support programs, along with an assessment of compliance with federal policy. The Office 
partners with Inspectors General of Service Cryptologic Components and other Intelligence Community 
Agencies to conduct joint inspections of consolidated cryptologic facilities. 
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(U) A MESSAGE FROM THE INSPECTOR GENERAL 


(U) This report summarizes the more significant activities of the Office of the Inspector General (OIG) of the 
National Security Agency between 1 April and 30 September 2010. The report is mandated by the Intelligence 
Authorization Act of 2010. 


(U) The most significant activity in the OIG during the reporting period was the continuing increase in the 
breadth and depth of the Office’s expertise in information technology (IT), cyber, and intelligence oversi^t 
(10). The NS A Director enabled this expansion of our capacities by supporting our efforts to hire superbly 
qualified recruits firom the private sector and personnel steeped in NSA’s mission fi-om within the Agency. 

(U) During the reporting period, the NSA OIG completed 60 audits, inspections, special studies, and 
investigations. The audits were almost evenly distributed across 10, IT, and mission programs. 


(Si'iHEL TO U9A, PWiO Completed 10 reports included an advisory report on an OIG pilot test of N&A 
controls designed to ensure compliance with an Order of the Foreign Intelligence Surveillance Court (FISC) and 
monthly reports on OIG tests of FISC Order controls for January through July 2010. Reports related to mission 
programs included an audit of the Agency’s Operational Test Authority, an audit of the Information Assurance 
Directorate’s encryption interoperability, an audit of mission-assurance and continu ity-of-operations 

compliance and testing, and a c yber research project. IT and cyber reports included an audit of_ 

[ classified networks, an audit of the Agency’s compliancy'with the Federal 
Information Security Management Act, and an audit of the Agency’s Cross Domain Solutions. 


(U) We also completed an external peer review of the investigative and audit offices within the OIG of the 
National Recqimaissance Office. 


(U) The inspection staff completed reports on a joint inspection of the NSA?CSS Georgia Cryptologic Center 
and a headqu^ers inspection of the Agency’s signals intelligence development strategy and governance. 


(U) Special studies were completed on the[ 


T^ two SIGINT sites, data sharing with third- 

♦a _ • Tfc_ 


party partners, and the Selective Employment of Retirees/Standby Active Reserve Programs. 


■ ♦ 

(U) The investigations staff opened 31 investigations and closed 44. 

■ « 


(b)(3)-P.L. 86-36 


(U) Each report and special study contained recoHunendations on which the OIG and NSA management 
concurred, recommendations designed to improve the efficiency and effectiveness of the programs under 
review. OIG tracks recommendations until* they have been implemented and regularly reports to the NSA 
Director oirthe status of open recommendations. Of the 210 recommendations issued in the reporting period, 
68 have been closed. 


(b) (1) 

(b) {3)-P.L. 86-36 


George Ellard 
Inspector General 
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(U) INDEX OF REPORTING REQUIREMENTS 


(U) 


I.G. Act I 

Reporting Requirement 

Page 

§5(a)(1) 

Significant problems, abuses, and deficiencies 

3-8 

§5(a){2) 

Recommendations for corrective action 

3-8 

§5(a)(3) 

Previously reported significant recommendations not yet completed 

N/A 

§5{a){4) 

Matters referred to prosecutive authorities 

9 

§5{a)(5) 

Information or assistance refused 

N/A 

§5(a)(6) 

List of audit, inspection, and evaluation reports 

13 

§5(a)(7) 

Summary of significant reports 

3-8 

§5(a)(8) 

Audit reports with questioned costs 

17 

§5(a)(9) 

Audit reports with funds that could be put to better use 

21 

§5{a)(10) 

Summary of reports for which no management decision was made 

N/A 

§5{a){11) 

Significant revised management decisions 

N/A 

§5(a)(12) 

Management decision disagreements 

N/A 


(U) 
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(U) AUDITS OF PARTICULAR SIGNIFICANCE 


(U) The Operational Test Authority 


(U) The audit objective was to evaluate the effectiveness of the Agency’s Operational Test Authority 
(OTA) as NSA’s independent testing authority. 

(Ui'iTOUO') Finding The OTA is not independent because of its 2007 realignment under the Technology 
Directorate (TD), which is responsible for developing technology for major systems. TD can influence 
OTA because it controls OTA’s budget and reviews OTA’s suggested changes to Agency policies and 
guidance. 

(UMPdUd) Recommendation The OIG recommended establishing an independent OTA with direct 
reporting authority to the NSA Director. i- 1 


(U) Cross Domain Solutions 


(b) (1) 

(b)(3)-P.L. 86-36 


(U/t‘ P€)liQ) The audit objective was to determine whether Cross Domain Solutions (CDSs) effectiveii^ 
and efficiently protect Agency networks. A CDS is a controlled interface that allows the secure traoS'fi^ 
of data between domains with different security levels (e.g.. Top Secret to Unclassified). 

. , • ' 

Finding 1 Agency CDSs I • • 



(U)¥P@t^0) Recommendatio n 2 The OIG recommended’develo ping a standard operating procedure 
(SOP) to document approved | |a tld glloyv system administrators to 

configure Agency CDSs. This SOP should require that changes berlegged *^d controlled in an approved 

central repository. , * -:- 

(b)(3)-P.L. 86-36 
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♦ 

(U) Mission-Assurance Continuity-of-Operations Cornffliance and Testing 


(IWP©^^©') In August 2008, NSA identified 14 Mis sion E ssential Functions (MEFs) that must be 
performed in all circumstances. As of August 2009, | ( Agency organizations had been identified as 
being responsible for performing essential tasks that support one or more of the 14 MEFs. 




Recommendation The OIG recommended that the Agency track organization compliance • 
in developing complete COOP plans and performing annual updates and testing. 
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(U) INSPECTIONS OF PARTICULAR SIGNIFICANCE 

(U) NSA Georgia Cryptologic Center 


During the reporting period the NSA Office of Inspections completed a Joint Inspection of 
the NSA Georgia (NSAG) Cryptologic Center at Fort Gordon, Georgia. 

(U)MP©W©') Finding 1 Substantial growth in NSAG’s Signals Intelligence, Information Assurance, and 
Computer Network Operations (CNO) missions and its information technology infrastructure has 
strained mission support resources. During the past five years, NSAG has experienced a large influx of 
joint and tactical personnel, who arrive without enabling support. They rely instead on NSA’s heavily 
burdened support infrastructure. A root cause of this deficiency is the lack of clear manpower and 
budget requirements necessary to operate the cryptologic center. 

('Uj'/rOUO) Recommendation 1 NSA Headquarters and NSAG should define, program for, and 
provide the minimum mission enabler personnel and funds needed to operate the Center effectively. 

(■^I'REL TO UDji'i, fiinDV) Finding 2 There are not enough joint operations personnel at NSAG to meet 
tactical mission requirements. Continued mission growth is stressing mission organizations and 
personnel to the limit, especially in time-sensitive tactical support. NSAG’s growing | 


« ♦ 

Recommendation 2 The NSA Sigq^s Intelligence Director should develop a business plan 
for the prioritization and appropriate distribution of tactical missions and associat ed resources at NSAG, 
taking into consideration the demands that additional mission will put on the site. 


(b) (1) 

(b) (3)-P.L. 86-36 


SECRET)^ ' COMINmmrORN 

5 


Release: 2019-06 
NSA:08931 





Doc ID: 6672232 



Release: 2019-06 
NSA:08932 



Doc ID; 6672232 


(U) SPECIAL STUDIES OF PARTICULAR SIGNIFICANCE 


(U) Data Sharing with Third-Party Partners 


(b) (1) 

(b)(3)-P.L. 86-36 


NSA’s third-party partners are nations .other jhan* Australia, Canada,“New 

Zealand, and the United Kingdom with which the U.S. goverflment Jhas national Signals Intelligence 

• • ♦ « • • 

(SIGINT) arrangements. The purpose of the rev^ewwas to dejorfnin e whether policies and procedures 
are in place to ensure compliance with authorities for shaiidg_with third-party partners. 



1 


(3WtP) Fipdrng 1 Updated policies and {)rocess improvements are needed. Documentation foi ) | 
[ disseminated to third-paity* partners is not centrally maintained. Limited documentation is 
scattered across many locations* throughout the SIGINT Directorate (SID) and the Foreign Affairs 

* m 

Directorate (FAD). Dqouhientation in FAD’s Foreign Affairs Knowledge System is not current or 

easily retrievable. . * * 

♦ 

Recommendation 1 FAD should establish a repository for documenting] | 
[shared with third-party partners, and it should update existing documentation. 


Finding 2 Although SID’s Analysis and Production Directorate (S2) 
developed a process in February 2007 to disseminated to third-party partners, the 

process is not well understood, and it has never been reviewed. Quarterly guidance to the S2 workforce 
on how to I [disseminated to partners is unclear, and, as a result,! I is 


inconsistent. 


disseminating 


■¥) Recommendation 2 

]to partners, including I 


SID should revise its oversight process for 
^ [procedures, and inform the workforce of the 


revised process. SID should-also publish an approval authority matrix for third-party activity and formal 

training on third-party partnerships and p’rovide it to l^SA personnel. 

* • ■ • 


Findirfg 3 SID lacks a' 


standard process fori 


Recommendatiop* *3 SiD Should establish a standard process 

I • • ♦ • ' • " • * 


(b) (1) 

(b)(3)-P.L. 86-36 
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After the 11 September 20P1’ terrorist attacks on the United States, NSA est’ahlished. 

; ! : Since then, 


undergone several reorganjeations; mo^t recently. 
Strategy and Governance organization. '. 


became an elem ent of the SIGINT Development 


(U/ /rOU 0) Finding 1 1 j acks essential mission documentation and standards for NSA Headquarters and the 

Extended Enterprise. i 

■ • • 

(€A!ft6fe-J?©4iSAT-JSM6¥>) Recommendation H ‘ I should develop a Mission and Functions Statement, 

■ ■ 

Strategic Plan, and implementing instructions, reflecting the evolving mission o: 

■ • le xtemal agmcies. The documents should 

* • ^ ^ 

clearly define internal management controls in standard operating procedures, system configuration 

■ • * • 

management, and budget documentation.. 

( U//FQUQ ) Finding 2| [has no Intelligence Oversight program. 

Recommendation 2 The should establish an Intelligence^ Oversight program in accordance 
with Department of Defense regulations and NSA policies. 

(b) (1) 

(b) (3)-50 use 3024 (i) 

(b) (3)-P.L. 86-36 



Release: 2019-06 
NSA:08934 





Doc ID: 6672232 




(U) INVESTIGATIONS OF PARTICULAR SIGNIFICANCE 


(U) Summary of Prosecutions 


(U) Indictment 

(U) An Agency employee was indicted in June 2010 for accepting more than $110,000 in bribes from a 
contractor as part of a scheme to defraud NSA. The trial is scheduled for January 2011 in the United 
States District Court in Baltimore, MD. 

(U) Conviction 

(U) A former Agency contractor pled guilty in July 2010 to submitting false labor charges for 
approximately $82,000. Sentencing occurred in October 2010 in the United States District Court in 
B^timore, MD. 

(U) Referrals 


• (U) An Agency employee and timekeeper submitted 531.75 hours of false labor charges for a loss to 
the government of approximately $22,000. The case was presented to the Office of the United States 
Attorney for the District of Maryland in August 2010 and was accepted for prosecution. 

• (U) A former Agency subcontractor submitted 34 false travel vouchers from 2007 to 2009 with 
claims of approximately $21,000. In May 2010, the case was presented to the Office of the United 
States Attorney for the District of Mary land. A decision on prosecution is pending. 

• (U) An Agency contractor violated 18 U.S.C. §208 because he returned to NSA as a contractor 
within one year of his retirement as an NSA senior employee. The Office of the United States 
Attorney for the District of Maryland declined prosecution in July 2010. 

• (U) Nine cases of contractor labor mischarging were referred to the Office of the United States 
Attorney for the District of Hawaii. Five cases have been declined for prosecution; decisions are 
pending on four. The amount of possible labor mischarging in these cases is approximately 
$180,000. 

• (U) Ten cases of contractor labor mischarging were referred to the Office of the United States 
Attorney for the District of Maryland and were declined for prosecution. The possible mischarging 
in these cases was approximately $424,000. 
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(U) APPENDIX A 

(U) AUDITS, INSPECTIONS, AND SPECIAL STUDIES COMPLETED IN 

THE REPORTING PERIOD 
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(U) APPENDIX A 

(U) AUDITS, INSPECTIONS, AND SPECIAL STUDIES COMPLETED IN 

THE REPORTING PERIOD 

(U) Audits 


(U) The Cryptographic Interoperability Strategy/Suite B 
(U) Mission-Assurance Continuity-of-Operations Compliance and Testing 
(U) Compliance with the Federal Information Security Management Act 
(U) The Operational Test Authority 


Networks 


Cyber Security: NSA Response to 


(U) Cross Domain Solutions 
(U) External Peer Review of NRO 


!;iassified 


(b) (1) 

(b)(3)-P.L. 86-36 


(U) Inspections 


SIGINT Development Strategy and Governance 
(U) NSA Georgia Cryptologic Center 


(U) Special Studies 


NSA Controls for a Classified Program (and montlily test reports from March through 
August 2010) _ 


(U > yp QUO ) 


(b)(3)-P.L. 86-36 


, • ” 

(U) Selective Employment of Retirees and Standby- Active Reserve Programs 


(U) Cyber Research 


(U) Data Sharing with Third-Party Partners 
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(U) APPENDIX B 

(U) AUDIT REPORTS WITH QUESTIONED COSTS 
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(U) APPENDIX B 

(U) AUDIT REPORTS WITH QUESTIONED COSTS 


(U) 


Report I 

Number 

Questioned Costs 

Unsupported Costs || 

For which no management decision had been made by 
start of reporting period 

0 

0 

0 

Issued during reporting period 

0 

0 

0 

For which management decision was made during 
reporting period 

0 

0 

0 

Costs disallowed 

0 

0 

0 

Costs not disallowed 

0 

0 

0 

For which no management decision was made by end of 
reporting period 

0 

0 

0 


(U) 


(U) Because our recommendations typically focus on program effectiveness and efficiency and strengthening internal 
controls, the monetary value of implementing audit recommendations often is not readily quantifiable. 
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(U) APPENDIX C 

(U) AUDIT REPORTS OF FUNDS THAT COULD BE PUT TO BETTER USE 
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(U) APPENDIX C 

(U) AUDIT REPORTS OF FUNDS THAT COULD BE PUT TO BETTER USE 


(U) 


Report 

Number 

Amount ; 

For which no management decision had been made by 
start of reporting period 

0 

0 

Issued during reporting period 

0 

0 

For which management decision was made during 
reporting period 

0 

0 

Value of recommendations agreed to by 
management 

0 

0 

Value of recommendations not agreed to by 
management 

0 

0 

For which no management decision was made by end of 
reporting period 

0 

0 


(U) 


(U) Because our recommendations typically focus on program effectiveness and efficiency and strengthening internal 
controls, the monetary value of implementing audit recommendations often is not readily quantifiable. 
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(U) NSA OFFICE OF THE INSPECTOR GENERAL 


(U) The NSA Office of the Inspector General (OIG) conducts audits, investigations, inspections, and special 
studies. Its mission is to ensure the integrity, efficiency, and effectiveness of NSA operations, provide 
intelligence oversight, protect against fraud, waste, and mismanagement of resources, and ensure that NSA 
activities are conducted in compliance with the law. The OIG also serves as an ombudsman, assisting Agency 
employees, civilian and military, with complaints and questions. 

(U) Intelligence Oversight 

(U) The OIG Office of Intelligence Oversight reviews NSA’s most sensitive and high-risk programs for 

compliance with the law. 

(U) Audits 

(U) The OIG Office of Audits provides independent assessments of programs and organizations. Performance 
audits evaluate the effectiveness and efficiency of entities and programs and assess whether NSA operations 
comply with federal policies. Information Technology audits determine whether IT solutions meet customer 
requirements, while conforming to information assurance standards. All audits aie conducted in accordance 
with standards established by the Comptroller General of the United States. 

(U) Investigations and Special Inquiries 

(U) The OIG Office of Investigations administers a system for receiving and acting on requests for assistance 
and complaints about fraud, waste, and mismanagement. Investigations and special inquiries may be 
undertaken as a result of such requests and complaints (including anonymous tips), at the request of 
management, as the result of question s that surface during inspections and audits, or at the initiative of the 

Inspector General 

(U) Field Inspections 

(U) The Office of Field Inspections conducts site reviews as part of the OIG’s annual plan or at management’s 
request. Inspections yield accurate, up-to-date information on the effectiveness and efficiency of field 
operations and support programs, along with assessment s of compliance with federal policy. The Office 
partners with Inspectors General of Service Cryptologic Components and other Intelligence Community 
agencies to conduct joint inspections of consolidated cryptologic facilities. 
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(U) A MESSAGE FROM THE INSPECTOR GENERAL 


(U) This report summarizes the more significant activities of the Office of the Inspector General (OIG) of the 
National Security Agency between 1 October 2010 and 31 March 2011. The report is mandated by the 
Intelligence Authorization Act of2010. 

(U) During the reporting period, the NSA OIG completed 2 8 audits, inspections, special studies, and 
investigations. 

(U) The Audits Division completed nine audits ranging from federal compliance to Information Technology to 
financial management and operations. The OIG rarely issues reports without a management decision and on 
only a few occasions does the OIG encounter non-concurrence with its recommendations. In th is reporting 
period, however, the Audit Report ofNSA/CSS Enterprise Solution and Baseline Exception Request Processes 
contained one non-concurrence. The Director has resolved this situation. 


(U) The Inspections Division completed reports on a field inspection of Cryptologic Services Group-Marine 
Corps Intelligence Agency and joint inspections of Menwith Hill Station and NSA activities at the U.S. Central 
Command. 


(U//¥t)UO) The OIG completed special studies on SIGINT Support 
Intelligence Surveillance Court Rule 13(a) and 13(b) filings. 


and Foreign 


(U) The Investigations Division fielded 477 contacts from the OIG Hotline. The teapi opened 20 investigations 
and closed 11 in the reporting period. 


(U) Each report and special study conta ined recommendations on which the OfG and NSA management 
concurred, recommendations designed to improve the efficiency and effectiven^s of the programs" under 
review. The OIG tracks recommendations until they have been implemented and regularly reports to the NSA 
Director on the status of open recommendations. Of the 274 recommendations issued in the reporting period. 
70 have been closed. 


(b)(3)-P.L. 86-36 


George Ellard 
Inspector General 
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(U) DISTRIBUTION: 

DIR 

DDIR 

ExDIR 
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SID Dir 

lAD Dir 

TDDir 
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OGC 

ODOC 
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DoD IG 
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( U/iTC) 3 LJ(^ Audit of Data Sharing with Third-Party PaHncrs (20 September 2010) (published in 
previogs quarter but not listed in the quarte/ly report, which was submitted early) 



(U) Audit of Educational Assistance and Recruitment Programs (18 November 2010) 

(UA^P©<^) NSA/CSS spends approximately_a year on incenti ves to meet its skill needs. 

including scholarsliip awards to students majoring in critical.fields, tuition assistance to employees 
taking college courses, bonus compensation to employees relocating to field sites, and recruitment 
bonuses to employees who staff hard-to-fill positions. The audit fobnd that standard processes for 
overseeing scholarship programs are lacking. The Agency has initiated'action to recoup approximately 
$1 million in tuition payments from employees whose grades did not meet eligibility requirements for 
tuition assistance, 

(U) Audit of the FISA Amendments Act §702 Detasking Requirements (24 


(b)(3)-P.L. 36-36 

November 2010) 


Section 702 of the Foreign Intelligence Surveillance Act (FISA) 
Amendments Act of 2008 (FAA) has strengthened SIGINT collection, particularly against terrorist 


targets. From September 2008 to March 2010 . the number of S IGINT reports that incorporated FAA 
§702 sourced collection grew from fewer than j ^t o more than | "j and the percentage of 
cou nterterrorism reporting with a contribution ffom.FAA §702 collection rose steadily from | |o 
I l^p ercent. ; 


_ * ^ • , • 

However, collection under FAA §702 mifst cease under certain circumstances to remain 

lawful, p ote*ntiallv resulting in gaps in c overage. To regain cov erage, NS A must transition to another 
authority,! • Ifor continued collation, j ■ 



(UA¥©y©) Audit of the Nucletir Weapons'Personnel Reliability Program (28 December 2010) 

(U/iTOUO) The purpose of the Nuclear .Weapons‘Personnel FleliabilitJ Program (N’^RP) is to ^sure 
that all NSA/CSS personnel who perform ituclear weapons-rela’ted duties meet the highest standards of 
reliability, including physical, psychological, and technical competence. The audit concluded that’ 
NWPRP provides reasonable assurance that only the most Veliabld.individuals perfortii duties associated 
with nuclear weapons. The audit did identify a problem id dtugrtesting methodology,•'Agency manners 
agreed to fix the problem. 
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(b) (1) 

(b) (3)-P.L. 86-36 


(HP6,W0I/i<liir) Audit ofNSA Controls to Comply with the Foreign Intelligence Surv'eillance Court 
Order Regarding Business Records - December 2010 (monthly test reports from August througti 
December 2010) 


(TS/i'SI/jW) This report summarizes results of tests of controls for December to ensure NSA's 
compliance with seven requirements of the Foreign Intelligence Surveillance Court Order Regarding 
Business Records (BR). The monthly tests were conducted throughout 2010 as part of the continuous 
auditing methodology and to meet OIG oversight requirements of the BR Order. The report found that 
NSA controls over querying were adequate to provide reasonable assurance of compliance with the Itve 
provisions of the Order that were tested. The report also found that although manual controls over the 
dissemination of serialized Signals Intelligence reports and the compilation of the Weekly 
DisseminationJ^ports are inherently risky, they are acceptable given the amount of information 
disseminated | [r eports during 2010). 

(U) Audit of Firewall IVFajiapment for CES and | (28 January 2011) 


( C/iOUjL to USA. FJ i fCY ) We reviewed | jo rganizations that operate anti maintain firew alls that 
protect the Cryptanalysis and Exploitaticfri. §ervice^CES) and | « ^ and found 



Technology Directorate and Signals Intelligence Directorate have concurred ,with*our recommendations 

X 


eiiigeii c 

to improve the management of CES and | | firewalls. 

(U) Audit of Market Research and Competition (31 January 2011) 


(b)(3)-P.L. 86-36 


(U)Ws©UO) Market research and competition are essential to fair pricing. The objective ofthis’audit was 
to determine whether the Agency is adequately seeking competition in contracting and whether adequate 
market research is being conducted and documented. The audit found that the Acquisition Resource 
Center is an effective tool, but staffing levels need review; competition statistics are inaccurate because 
of coding errors; definition of competition needs revision; and market research documentation-needs 
improvement. Management is addressing the recommendations. 


(U) Oversight Review of the Restaurant Fund, Civilian Welfare Fund, and Cryptologic Museum 
Gift Shop (18 March 2011) 

(U) This report summarizes the results of our oversight review of the audit of the Restaurant Fund (RF). 
the Civilian Welfare Fund (CWF). and the Cryptologic Museum Gift Shop for FY2010 by a Certified 
Public Accountant firm. The objective was to ensure that the audit of the RF. CWF, and Cryptologic 
Museum Shop was consistent with Government Auditing Standards. We concluded that it was, and the 
CPA firm did not identify management concerns. 

(U) Audit of the Power, Space, and Cooling Triage Process for the Extended Enterprise* (25 March 
2011) 

(UiOTOUG) The Power. Space, and Cooling Triage process is operating as intended. The [ [extend ed 
enterprise sites that participate in the process have improved management of their power requirements. 
However, one significant problem is the inability of participating sites to measure power usage 
consistently because of a lack of standardized capability to monitor power. 
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(U) Audit ofNSA/CSS Enterprise Solution and Baseline Exception Request Processes (31 March 
2011 ) 

(LM’OUO) The Technology Directorate established the National Security Agency/Central Security 
Service Enterprise Solution (NES) and Baseline Exception Request (BER) processes to reduce 
Information Technology (IT) complexity, improve interoper ability and security, and manage IT costs. 
Our review found th at Agency organizations and contractors I 

I ^ Without fiinctioning controls to ensure (Compliance, the Agency and its Chief 

Information Officer (CIO) will be unable to manage effectively IT items purchased and installed by 

Agency organizations and*its contractors. Management concuired with all but one recommendation. 

# • 


(U) Audits of Particular Significance 


(U) Audit Report ofNSA/CSS Enterprise'Solution and Baseline Exception Request Processes 
(31 March 2011) '' _!_ 

(U) QUESTIONED COSTS _ _ (b) (3 )-p.l. 86-36 

This audit uncovered ( worth of IT purchases that Agency organizations and 

contractors acquired under a fictitious BER approval number. Management will review a representative 
sample of these requisitions to determine whether the questioned costs were in compliance with the NES 
Baseline and take the appropriate action if the item purchased was not compliant. If the sample shows 
significant rates of non-compliance, the review will be extended to all requisitions under the fictitious 
number. In the meantime, new control processes have been implemented to prohibit fliture use of 
fictitious approval numbers. The processes involve Enterprise Information Technology, Directorate of 
Resources Management, and Directorate of Acquisition. This review will also provide insight on how to 
strengthen the controls being designed in response to other OIG recommendations made in this report. 

(U) Significant Recommendations Outstanding in Previous Semi-annual Reports 


(U) Audit of Operational Test Authority (12 May 2010) 

(U) The audit objective was to evaluate the effectiveness of the Agency’s Operational Test Authority 
(OTA) asNSA’s independent testing authority. 

(UiOTOUO) Finding The OTA is not independent because of its 2007 realigmnent under the 
Technology Directorate (TD). which is responsible for developing technology for major systems. TD 
can influence OTA because it controls OTA’s budget and reviews OTA’s suggested changes to Agency 
policies and guidance. 

Recommendation 1 The OIG recommended establishing an independent OTA with direct 
reporting authority to the NSA Director. UPDATE: This recommendation is now CLOSED. 


(U) Audit of Cross Domain Solutions (23 June 2010) 


( U)VFOU <^) The audit objective was to determine whether Cross Domain Solutions (CDSs) effectively 
and efficiently protect Agency networks. A CDS is a controlled interface that allows the secure transfer 
of data between domains with different security levels (e.g.. Top Secret to Unclassified). 
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(U )‘ff'OUO ) Recommendation 1 The OIG recommended improving 
Agency CDS I 
operational Cbss. 

(S)¥W) Finding The Agency 


(b)(1) 

(b)(3)-P.L. 86-36 


^foKall 



Recommendatio n 5 The OIG recommended developing a st andard operating procedure 
(SOP) to document appro ved 


This SOP should require that changes be logged and controlled in an appraved 

•" " * * " “ " *1*.^ " *•* * " r>T-'Trx \ ^ ^ r 


central repository. UPDAtfi:' Tfiis recommendation is now CLOSED. 


(b)(3)-P.L. 66-36 


(U) Audit of Mission-Assurance Continuity of Operations Compliance and Testing (17 August 
2010 ) 

In August 2008. NSA identified 14 Mis sion E ssential Functions (MEFs) that must be 
performed in all circumstances. As of August 2009. [Zh gency organizations had been identified as 
being responsible for performing essential tasks that support one or more.’qj'the 14 MEFs. 

( ^i VML TOUSAi g\liY ) Finding 


/ 

/ 

/ 

/ 

/ 

/ 

/ 

/ 

if 

/ 


(U iVFQUQ ) Recommendation 1 The OIG recommended that the Agency track organization 
compliance in developing complete COOP plans and performing annual’updates and testing. 


(U) Ongoing Audits 


(U) Audit of NSA Police Operations 

(Uiltf©^©') The audit objective is to evaluate the effectiveness and e^iciency of the National Security 
Agency Police (NSAP) at NSA/CSS Washington (NSAW), specifically to determine whether NSAP is 
adequately equipped, staffed, and trained to protect and defend*NSAW personnel and property. 


(U) Audit of Agency Controls 



Hardware Purchases 


The a udit objective is to determine whether the Agency’s internal controls effectively 


reduce the risk for 


“O- J --- 

ITechnology purchases. 


(U) Audit of NSA/CSS’s Wireless Networks and Devices 

(U) The audit objective is to assess Agency controls for protecting against unauthorized operation of 
wireless networks and devices within NSA/CSS spaces and to assess Agency wireless implementation 
initiatives. 


(U) Audit of High-Performance Computing 

(U) The audit objective is to evaluate the contracting process of the High Performance Computing - 
Special Program Office. 
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(U) Audit of Information Sharing 

(U) The audit objective is to review Agency effectiveness in sharing cyber threat and vulnerability 
information with other Intelligence Community agencies in accordance with the Comprehensive 
National Cyber Initiative. 

(U) Audit of the Acquisition Security Process 

(U) The audit objective is to determine whether the Acquisition Security process effectively and 
efficiently mitigates the foreign ownership, control, or influence and counterintelligence risk of the 
Agency’s information technology purchases. 

(U) Audit of the ARCANAPUP Modernization Effort 

(U) The audit objective is to determine the effectiveness of ARCANAPUP in meeting program goals. 

(U) Audit of Nuclear Command and Control (NC2) Program 

(U) The audit objective is to determine whether NSA implemented corrective actions to satisfy 
recommendations made in previous audits and reviews of the NC2 process. 

(U) Audit of NSA’s Compliance with National Security Directive 42 to Support Non-DoD Agencies 
for Network Intrusions 

(U) The audit objective is to determine whether the Information Assurance Directorate is effectively 
fulfilling the Agency’s responsibilities for network intrusion support to non-DoD agencies in accordance 
with National Security Directive 42. National Policy for the Securit)’ of National Security 
Telecommunication and Information Systems. 5 July 1990. 

(U) Audit of General Application Controls for Agency Payroll, Human Resources, and 
Contracting Systems 

(U) The audit objective is to assess the general and application controls of the Agency’s payroll, human 
resources, and contractor systems. Specifically, the NSA Comptroller has requested that we review the 
Defense Civilian Payroll System, the Human Resources Management System, and the Contracting 
Management Information System. 
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(U) INSPECTIONS 


(U) Completed Inspections 


(U) Joint Inspection of Alaska Mission Operations Center (8 October 2010) 

(TT'JOl Pft) The Alaska Mission Operations Center (AMOC) has made significant progress since its first 
Joint IG inspection in 2006. Site leadership is actively engaged in mission and working diligently to 
shift the culture fiom an Air Force-focused site to an NSA/CSS site. Site leadership is trying to balance 
mission needs and resources based on inadequate guidance and documentation from NSA/CSS. The site 
uses mission personnel to supplement necessary enabling functions resulting from increased mission 
growth and an increase in NSA/CSS civilian personnel. An appropriate skill mix is hard to determ ine 
because much of the mission is not formally documented. ! 

■ I The fiiture for 

AMOC includes new mission sets, more customer engagement, and aggressive partnership development. 
all of which could place additional burdens on an already stretched workforce. 


(U) Field Inspection of Cryptologic Services Group-Marine Corps Intelligence Agency 
(1 December 2010) 

(U//TOU©) The field inspection of the Cryptologic Services Group (CSG)-lsiarine Coips Intelligence 
Agency (MCIA) found a number of serious problems woth the organization’s* readiness to accomplish its 
assigned mission. Although manning numbers are sufficient, the majority oftpersonnel 


• j CSGlraining. 


intelligence oversight, and mission guidance to junior personnel were not sufficient. We also found that 


J_ Recorrihiendations have been *. • 


formally tasked for action. 

(U) Joint Inspection of Menwith Hill Station (14 December 2010) 


(b) (3)-P.L. 86-36 


Mission accomplishment at Menwith Hill Station is successfiil However, 

I I SISA/CSS and other agency 

mission sponsors must provide guidance to the site on mission prioritization. The lack of agreem ent on 
cost-sharing Memoranda ofUnderstanding ancf 


remains of significant concern; however, significant progress has been made toward resolving both 
findings since the inspection. C ontinued ] ' | 

I l and repeated delays in military construction funding for family housing 

projects affect quality of life for a’ssigned perpqmiel. Recommendations have been formally tasked for 
action. . 


(b) (1) 

(b) (3)-P.L. 86-36 
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(U) Joint Inspection of NSA Activities at U.S. Central Command (4 March 2011) 

(Tl'Jini Leadership has built a positive, mission-oriented workforce. In almost eveiy area, however, 
inspectors found processes that were successful yet undocumented. Lack of formal guidance makes it 
difficult at times for NSA/CSS Representative to Central Command (NCRCENT) personnel to support 
NSA interests effectively. Implementation of field governance is applied inconsistently across the 

~ Furthermore. NSA Headquarters’ over-relianc e on Staff**; 

Processing Forms makes it difficult to opemte in a fast-paced operational environment, j h 

f * ♦. Lack of promotion opportunities, as a resiilp 

of civilian promo tion caps. l •« ♦ • "Tj 

I Recommendations have been formally task'ed fqr action. • • 

-^ . * •: . 

""••• ** * ■ 

(U) Inspections of Particular Significance. . . , * *: 


(U) Joint Inspection ofMenwith Hill Station (14 December 2010) (3)-p l 86-36 

(U) REFERRAL: Problems with DoDEA School Administration , . | 

(Tl'rnifP) Although not within the scope of an Intelligence ^Gontmunity •inspection, the Menwith Hilt 
Station (MHS) Joint Inspection Team identified, docymcnte’d. and addj^sed’viidespread, longstanding 
discontent with perceived lack of professionalism Tjy the on-base Departme/it c5f Defense Education • 
Activity (DoDEA) School administi;ator5 and teachers. The situptiqn adversely affects the station’s » 
quality of life and mission operafions. A Joint Inspector Generhl.ClG) town haU meeting was conducted 
to gain a bette r und erstanding of the scope of school -related issues. The jneetiiig was attended by * 
approximately | p arents, many of whom were extremely frustrated by tlieir inability to resolve issues 
despite numerous visits and telephone calls to the scheol. ^The IG’s coijcem about degradation of « 
mission operations and MHS quality of life drove pur decision to include this iii our report. The 200"^ 
MHS Joint IG Inspection also documented concerns with effective administration, management, and * 
discipline in the MHS DoDEA School. The .Joint Inspection Team findings were formally referred t» 
the DoD IGas a matter under its purview.. Updates from the site indicate that the referral resulted in^ 
increased scmtiny from the DoDEA regional achninistration and thdt the local school administration Jias 
begun to make positive changes. .* .♦ • ^ 

(U) Significant Recommendations Outstanding in Previous Semi-Annual Reports; 


(U) Joint Inspection of t* | (17 November 2^08) '• 

(U) FINDING: Fire Suppressi.om System Lacking • 7 . 

Lack •of a fire suppression system in | f - 

I seriously degrades the ability to protect life and critical equipment. This deficiencyiwas 
initially identified durin|:.a 1997 Joint Inspector General inspection and was again noted in an NSA.*' 
Occupational Health ^d Enviro nmental Survey conducted in 2000. Overall stevyardship ofl 'I 
facilities is the respQnsibility ofl ■ I 


I Planning for fire suppression system installation began in May 2001; however, no 
stakeholder agencies committed the needed funding. Although it remained a critical safety deficiency, 
no further progress was made until September 2009, when the Director. NSA emp hasized the need to 
complete the action. | I contracted for system 
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(b) (1) 


(b)(3)-P.L. 86-36 


(b) (3) -P.1,. 86-36 



♦ 



diesign. follqtved by a phased installation in 2010 using consolidated cryptologic ptogram funding. The 
installation2sjiow^^7%^^coniplete^^^proiectedcompletion date ofNovember 20J*1 remains tentative 
because o f| | and possible delays in getting supplies needed to 

complete the installation. 


♦ 

■ • 

(U) Multiple Joint Inspections from FY2005 to FY2010 Regarding USSiD CR1200 

( oncept oj SIGINT Support to Military Commanders provides policy and 
guidance on Signals Intelligence (SlGINT) support to military commanders and operations. Published 
in 1998, this United States Signals Intelligence Directive (USSID) is severely outdated, contains 
obsolete functions and terminology not.used in current military doctrine, provides no Higher 
;Headquarters template for present-day ffjilitaiy Operations Int^ration. and does not establish standards 
•for expeditionary SIGINT support for ongoing militar y opera tions. This significant deficiency was 


noted as a finding in inspection reports encompassing 
beginning in FY2005 (Reference Findings:] 


Global Cryptologic Enterprise Sites 


□ 


_;_^_land continuing to the present. An 

NSA/CSS action element is leading a working group with stakeholder participation to draft a new 
USSID as recommended in this inspection report. The action element determined that other supporting 
policy documents must first be updated; there is no estimated completion date for this critical document. 


(U) Joint Inspection of NSA/CSS Georgia (30 June 2010) 

( U^OW) Finding Substantial growth in NSA/CSS Georgia’s (NSAG) Signals Intelligence. 
Information Assurance, and Computer Network Operations (CNO) missions and its information 
technology infrastructure has strained mission support resources. During the past five years. NSAG has 
experienced a large influx of joint and tactical personnel, who arrive without enabling support. They 
rely instead onNSA’s heavily burdened support infia structure. A root cause of this deficiency is the 
lack of clear manpower and budget requirements necessary to operate the cryptologic center. 

( ■L V i OTOlit^ ) Recommendation FG-10-2036 NSA Headquarters and NSAG should define, program for. 
and provide the minimum mission enabler personnel and flmds needed to operate the Center effectively. 
UPDATE: This recommendation is now CLOSED. 

TO UOji'i, rifE'¥) Finding There are not enough joint operation s personnel at NSAG to meet 
tactical mission requirements. Continued mission growth is stressing mission organizations and 
personnel to the limit, especially in time-sensitive tactical support. NSAG’s growingj ~~\ 



(U/ZEOJy©) Recommendation FG-10-2001 ^The*NSA Signals Intelligence Director should develop a 
business plan for the prioritization and appropriate distribution of tactical missions and associated 
resources at NSAG. taking into consideration the demands that additional mission will put on the site. 
UPDATE: This recommendatieri is now CLOSED. 


(b) (1) 

(b) (3)-P.L. 86-36 
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(U) Ongoing Inspections 


(U) Joint Inspection of NSA/CSS Hawaii 

(U// 3 ^ 0l ^) The NSA/CSS Office of Inspections conducted a Joint Inspection of NSA/CSS Hawaii 
between 24 Januar>' and 4 February 2011 The final report is in coordination. 

(U) Expeditionary' Operations Review of | 

(UZ/rnUfTi The Inspe ctions Team conducted a review ofNSA activities_from 

I The draft report is in coordination. 
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(U) SPECIAL STUDIES 


(b) (3)-P.L. 86-36 


(U) Completed Special Studies 


(U) Special Study ofSIGINT Support tol 


(40 February 2011) 


(TD/ZOI/i ' ^lF) The objective of this spe cial study was to assess p rocedures and controls used to provide 


Signals Intelligence (SIGINT) support 


The study focused on support to 


_ _We 

reviewed mission management, analytic techniques, and SIGINT dissemination. With few exceptions. 
NSA/CSS support was effective, and SIGINT reporting complied with Agency directives. However. 
NSA/CSS has not established a c ommon definition, qualification or-proficiency standards, or formal 
training for | j^ operational support policy should be improved. CT operational! security 

should be reviewed, and the role of the CT Mission Management Center should b e clearly delin^eated; 
and reporting guidance is ambiguous, does not effectively address j* | and has inconsistent 

reporting standards. The corrective actions planned by management- meet the intent of the • • 
recommendations. ♦, ! ‘ ! • 

* ♦ ' " " * 

(U/ /rOU0 ) Review of Foreign Intelligence Surveillance Court (FISC) Rule lS(a) and 13(bj Filings 

(22 March 2011) *•. ! .• ;! 

♦ 

(U// FOUO ) FISC Rule 13(a) requires the governmenf to immediately correct misstatements or - [ 
omissions of material facts in submissions to the FISC. "Rule 13(b) requires the g'overnment to! ■ 
immediately inform the FISC of incidents outside the scope jDf the Court's authorization. The ISSA 
Office of General Counsel (OGC) coordinates the filing of notices With the US Department of Justice, 
the final author of 13(a) and 13(b) notices. The OIG reviewed 13Ca) and 13(b) filings from September 
2009 through November 2010 for timeliness and accuracy. In that *^riod, no FISC notices were 
amended because of material misstatements within the initial FISC inci4ent repojis. However.|!we 
observed that OGC does not maintain a central repository or tracking system for-13(a) and 13(h') filings. 
During our review, the Signals Intelligence Directorate and OGC adopted a’prooess to address j 

ess matures : _ 


timeliness concerns. We will consider conducting another review vihen that prb^ 

(U) Special Studies of Particular Significance 


(U) Special Study ofSIGINT Support to 

(TS//SI//NF) N SA/CSS [ 

(CT) missions. 


(b) (1) 

(b) (3>-50 use 3024 (i) 
(b) (3)-P.L. 86-36 


combined with 


10 Febijiaf^ 2011) 

n 


in ^Opport of counter-terrorism / 
This information can be^* 


of what constitutes 
performance. 


g wevfir' NS A CT organizations do not share a common definition 
contributing to inconsistent practices and affecting mission 
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(b) (1) 

(b) (3)-P.L. 86-36 


(U) Significant Recommendations Outstanding in Previous ^Semi-annua-l-Reports- 

• • 

* ■ • a 

• « 

(U) Review of Data Sharing with Third-Party Paftfltrs .* ! *. I 

(U//r0U01 NSA’s third -party partners are nations other than Ausjfalia. Canada, New Zealand, and ihe 
United Kingdom with which the U S. gcrv*ernment has national ^ijenals Intelligence (SKjINT) " 
arrangements. The purpose of the*review was to determine wh ether policies and procedlirei are in place 

■ I 


[ 


to ensure compliance with^ufliorities for sharing f 


[with third -party partners. 


(U//yQUQ )‘Pinding Updated policies and process improvements are needed. Documentation for | " | 
I f disseminated to third-party partners is not centrally maintained. Limited documentation is . 

scattered across many locations throughout the SIGINT Directorate (SID) and the Foreign Affairs \ 
Directorate (FAD). Documentation in FAD’s Foreign Affairs Knowledge System is not current or | 
easily retrievable. 


(U//F0W©-) Recommendation la FAD should establish a repository for documenting[ 


shared with third-party partners, and it should update existing documentation. UPDATE: FAD has 
established a repository but has not updated documentation. 


(C/ifRCL TO USjA FVE ' Y) Finding Although SID's Analysis and Production Directorate (S2) 
developed a process in February 2007 to sample P" Id isseminated to third-party partners, the 

process is not we ll understood, and it has never been reviewed.. Quarterly guidanc e to the S2 workforce 
on how to sample ^ |^d isseminated to partners is unclear, and. as a result, 

inconsistent. ♦. *. 


IS 


(U/ /POUO ) Recommendation 2a SID should revise its oversight process for disseminating ! 

I [to partners, including sampling procedu/es. and inform thewdtkforce of the revised process. 

SID should also publish an approval authority mafrbc for third-party activity and fotmal training;on 
third-party partners Kips-and provide it to NSA personnel.*, *. ’ • 


(U/ /F0UO) Finding SID lacks a standartl•process fori 

I I ■■■•• 


[ 


} 


(U/ /F - OUO ) Special Study of 


2b and 2C SID should .establi.sh a stand&rd.prq'ce^ij*.. 

• « 


(b) (1) 


(b) (3)-P.L. 86-36 


(UA TOU Q) After the 11 September 2001 terrorist attacks on the United States. NSA establis hed a 
I I I Since then. 

j; j has undergone several reorganizations; most recently ^ { became an element of the SIGIKT 

.•Development Strategy and Governance organization. . ♦ ; 

■ ■ ♦ 

(U// TOUO )- Finding I [ lacks essential missipn'documentation and standards for NSA Headquarters 
and the Extended Enterprise. . • * | 


(C/iTlEL TO USA; FVE¥ ' ) Recommendation lb I | should develop a Mission and Funct ions ! 
Statement. Strategic Plaiv and irrrpiementipg 4nsfructions. reflecting the evolving mission of] 


(b) (3)-P.L. 86-36 


f 
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Vo) (1) 

(b)(3)-?.L. 86-36 


( external 

agencies. The documents should clearly define internal management controls in standaid operating 

procedures, system configuration management, and budget documentation. 


Finding | jh as no Intelligence Oversight program. 

# 

( U/ffOUO ) Recommendation 9’a. The | (s hould establish an Intelligence Oversight program in 

accordance with Department of Defense, regulation s and NSA policies. 

♦ • 

(U) Ongoing Special Studies 

('PS)¥Sti¥NP') Audit of NSA Controls to Comply with the’Eo/eign Intelligence Surveillance Court 
Order Regarding Business Records 

* « 

(¥9!i¥@h¥N^) The objective of this study is to determine whether contro*ls* K). ensure NSA compliance 
with the key terms of the Foreign Intelligence Surveillance Court Order regardi ng business records are 
operating as intended. (b)(3)-P.L. 86-36 

Special Study on Non-traditional Dissemination Methods 


( U iWP OUO) The objective of this study is to evaluate the use of non-traditional* clisseminatiofl methods 
for compliance with policies and procedures. .* ■ 


Audit of NSA Controls to Comply with the Foreign Intelligence) Surveillante Court 
Order Regarding Pen Register and Trap and Trace Devices • | 

(^//CI//I > nT) The audit objective is to determine whether the controls tested as part of a 2010 yearlong 
review of NSA compliance with seven provisions of the Business Reco'rds Ordei)were adequate to 
provide reasonable assurance of compliance with similar provisions qfthe Pen Register and-Trap and 
Trace Order. • . ! 


Assessment of Management Controls to Implement'the FISA Antendments-Act of 2008 

• * ■ 

( U/iTOUQ ) The objective of this study is to determine whether NSA controls are'.adequate tb provide 
reasonable assurance that NSA complies with the terms of the ^reign Intelligence Surveillance Act 
Amendments Act. 

• ■ ■ 

( U//FOUO ) Special Study of Computer Network Exploitat ion j ‘ • "H 


(U i'iTOUO) The objective of this study is to evaluate | ( Foreign 

Intelligence Surveillance Act operations for compliance with national and ImsA policies ana procedures. 


Audit of NSA Controls to Comply with the Foreign Intelligence Surveillance Court 
Order Regarding Business Records Retention 

The objective of this study is to determine whether NSA controls are adequate to provide 
reasonable assurance that NSA complies with the terms of the Foreign Intelligence Surveillance Court 
Order for business records retention. 
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(U) INVESTIGATIONS 


(U) Summary of Prosecutions 


(U) Convictions 

• (U) An Agency employee pled guilty in December 2010 to accepting more than $110.000 in 
bribes from a contractor as part of a scheme to defraud NSA. Sentencing is scheduled for June 
2011 in the U.S. District Court in Baltimore. MD. 

• (U) A contractor pled guilty in December 2010 to making unlawful payments to a govermnent 
official as part of a scheme to defraud NSA. On 12 April 2011, the contractor was sentenced in 
the U.S. District Court in Baltimore. MD. to one year and one day incarceration and three years 
of supervised release, the first six months of which will be served in home detention. 

• (U) A contractor pled guilty in December 2010 to making unlawful payments to a government 
official as part of a scheme to defraud NSA. Sentencing is scheduled for June 2011 in the U.S. 
District Court in Baltimore. MD. 

(U) Referrals 


(U) Three contract labor mischarging investigations are being considered for prosecution. The potential 
dollar loss exceeds $90,000. 

(U) OIG Hotline Action_ 


( U i ^fl i QUO ) As the result of an OIG hotline complaint from a member of the public (via unclassified 
Internet website), an Internet service provider was asked to remove the NSA logo from the profile of a 
blogger, who was not affiliated with NSA. The Internet service provider complied in March 2011. 
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(U) INDEX OF REPORTING REQUIREMENTS 


(U) 


I IGAct j 

i Reporting Requirement 

Page {I 

§5(a)(1) 

Significant problems, abuses, and deficiencies 

3. 8, 11 

§5(a)(2) 

Recommendations for corrective action 

3, 8, 11 

§5(a)(3) 

Previously reported significant recommendations not yet completed 

3-4, 8-9, 12-13 

§5(a)(4) 

Matters referred to prosecutive authorities 

15 

§5(a)(5) 

Information or assistance refused 

N/A 

§5(a)(6) 

List of audit, inspection, and evaluation reports 

19-20 

§5(a)(7) 

Summary of significant reports 

3, 8. 11 

§5(a)(8) 

Audit reports with questioned costs 

21 

§5(a)(9) 

Audit reports with funds that could be put to better use 

23 

§5(a)(10) 

Summary of reports for which no management decision was made 

N/A 

§5(a)(11) 

Significant revised management decisions 

N/A 

§5(a)(12) 

Management decision disagreements 

N/A 


(U) 
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(U) APPENDIX A 

(U) AUDITS, INSPECTIONS, AND SPECIAL STUDIES COMPLETED IN 

THE REPORTING PERIOD 


(U) Audits _ 

(U) Financial Management 

• (U) Audit ofEducational Assistance and Recruitment Programs 
(U) Federal Compliance 

• (U) Audit on the FISA Amendments Act §702 Detasking Requirements 

• (T8J'J'31)'/1<IP) Audit ofNSA Controls to Comply with the Foreign Intelligence Surveillance Court 
Order Regarding Business Records - December 2010 

(U) Information Technology 

• (U) Audit of Firewall Management for CES and 

• (U) Audit Report ofNSA/CSS Enterprise Solution and Baseline Exception Request Processes 
(U) Operations 

• (U /ifFOU ;^) Audit of the Nuclear Weapons Personnel Reliability Program 
(U) Business Practices 

• (U) Audit ofMarket Research and Competition 

• (U) Audit of the Power. Space, and Cooling Triage Process for the Extended Enterprise 

(U) Inspections _ 

(U) Joint Inspections 

• (U) Joint Inspection of Alaska Mission Operations Center 

• (U) Joint Inspection of Menwith Hill Station 

• ( UiOTOUO ) Joint Inspection of U.S. Central Command 
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(U) Field Inspections 

• (U) Field Inspection of Cryptologic Serv'ices Group-Marine Corps Intelligence Agency 

(U) Special Studies_ 


(U) Operations 

• (U i'iTOIilQ ') Special Study ofSIGINT Support tc (b) (3) r.L. 86 36 

(U) Federal Compliance 

• Review of Foreign Intelligence Surveillance Court (FISC) Rule 13(a) and 13(b) Filings 


ii )i ^ \weRETii < coiWNT)moroim 

20 


Release: 2019-06 
NSA:08888 





Doc ID: 6672265 


mM i ECRETA < eomW)moroRN 


(U) APPENDIX B 

(U) AUDIT REPORTS WITH QUESTIONED COSTS 


(U) 


1 Report j 

Number j ^ 

Questioned Costs j : 

Unsupported Costs i 

For which no management decision had been made by start 
of reporting period 

0 

0 

0 

Issued during reporting period 

2 

$49,820,000 

$920,000 

For which management decision was made during reporting 
period 

2 

$49,820,000 

$920,000 

Costs disallowed 

1 

$920,000 

$920,000 

Costs not disallowed 

0 

0 

0 

For which no management decision was made by end of 
reporting period 

1 

$48,900,000 

0 

(U) Because our recommendations typically focus on program effectiveness and efficiency and strengthening internal controls, the 
monetary value of implementing audit recommendations often is not readily quantifiable. 


(U) 
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(U) APPENDIX C 

(U) AUDIT REPORTS OF FUNDS THAT COULD BE PUT TO BETTER USE 

(U) 


Report I Number p Amount 


For which no management decision had been made by start 
of reporting period 

0 

0 

Issued during reporting period 

0 

0 

For which management decision was made during reporting 
period 

0 

0 

Value of recommendations agreed to by management 

0 

0 

Value of recommendations not agreed to by 
management 

0 

0 

For which no management decision was made by end of 
reporting period 

0 

0 

(U) Because our recommendations typically focus on program effectiveness and efficiency and strengthening Internal controls, the 
monetary value of implementing audit recommendations often Is not readily quantifiable. 


(U) 
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